hd.lordseriy.christmas Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hd.lordseriy.christmas/
Submission: On December 26 via api (December 26th 2024, 8:47:41 pm UTC) from US — Scanned from NL

Summary HTTP 421 Redirects Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 68 domains to perform 421 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is hd.lordseriy.christmas.
TLS certificate: Issued by WE1 on December 20th 2024. Valid for: 3 months.

This is the only time hd.lordseriy.christmas was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
66	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	95.181.182.182 95.181.182.182	210756 (EdgeCente...) (EdgeCenterLLC EdgeCenter LLC)
1	95.163.41.54 95.163.41.54	47764 (VK-AS LLC VK) (VK-AS LLC VK)
5 26	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
2	80.66.90.75 80.66.90.75	50340 (SELECTEL-...) (SELECTEL-MSK JSC Selectel)
2	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	2a11:27c0:10:... 2a11:27c0:10::182	210756 (EdgeCente...) (EdgeCenterLLC EdgeCenter LLC)
33	78.140.242.74 78.140.242.74	209974 (AS-ITGLOB...) (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC)
1	37.230.131.76 37.230.131.76	200197 (HYBRID-Po...) (HYBRID-Poland HYBRID ADTECH SP.Z.O.O.)
6	2a02:2d9:3:e::30 2a02:2d9:3:e::30	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
1	212.41.28.228 212.41.28.228	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
25	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS LLC VK) (VK-AS LLC VK)
11	5.255.255.77 5.255.255.77	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
9 28	159.69.59.100 159.69.59.100	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
3 4	31.172.81.146 31.172.81.146	44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo GmbH)
1 3	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK Citytelecom LLC)
7 9	188.42.189.197 188.42.189.197	7979 (SERVERS-COM) (SERVERS-COM)
5 11	142.132.138.212 142.132.138.212	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2 4	193.3.184.211 193.3.184.211	50214 (QWARTA QW...) (QWARTA QWARTA LLC)
8 11	142.132.138.214 142.132.138.214	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
9 9	193.232.150.149 193.232.150.149	48061 (UMA-TECH-...) (UMA-TECH-AS Limited Liability Company GPM Digital Technologies)
1 1	178.170.196.9 178.170.196.9	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
5 7	2a00:ab00:110... 2a00:ab00:1103:3a:45:138:161:70	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
16 17	185.175.47.157 185.175.47.157	50340 (SELECTEL-...) (SELECTEL-MSK JSC Selectel)
15 21	217.199.220.43 217.199.220.43	61400 (NETRACK-A...) (NETRACK-AS Start LLC)
6 6	217.66.147.34 217.66.147.34	29209 (SPBMTS-AS...) (SPBMTS-AS MTS PJSC)
12 12	217.66.147.35 217.66.147.35	29209 (SPBMTS-AS...) (SPBMTS-AS MTS PJSC)
9 9	185.65.149.228 185.65.149.228	51115 (HLL-AS HL...) (HLL-AS HLL LLC)
3 6	2606:4700:20:... 2606:4700:20::681a:7bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
3 3	46.243.143.249 46.243.143.249	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
3 5	45.139.25.118 45.139.25.118	34959 (PROCLOUD ...) (PROCLOUD KVIKTEL LLC)
3 3	23.109.14.96 23.109.14.96	7979 (SERVERS-COM) (SERVERS-COM)
5 9	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Data Storage Center JSC)
3 8	172.67.161.189 172.67.161.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	167.235.14.51 167.235.14.51	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	185.149.242.234 185.149.242.234	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
21	46.148.230.54 46.148.230.54	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
1 1	172.67.140.221 172.67.140.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.72.107.205 188.72.107.205	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1	158.160.0.94 158.160.0.94	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1	213.248.44.211 213.248.44.211	12695 (DINET-AS ...) (DINET-AS LLC Digital Network)
4 4	217.199.220.72 217.199.220.72	61400 (NETRACK-A...) (NETRACK-AS Start LLC)
2	167.235.10.90 167.235.10.90	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
3 4	213.180.193.90 213.180.193.90	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
2 2	178.154.231.214 178.154.231.214	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
11 11	89.108.120.76 89.108.120.76	197695 (AS-REGRU ...) (AS-REGRU "Domain names registrar REG.RU")
2 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
4 4	93.189.58.218 93.189.58.218	56630 (MELBICOM-...) (MELBICOM-EU-AS Melbikomas UAB)
1 1	188.72.107.156 188.72.107.156	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1 1	34.248.19.126 34.248.19.126	16509 (AMAZON-02) (AMAZON-02)
2	95.163.52.67 95.163.52.67	47764 (VK-AS LLC VK) (VK-AS LLC VK)
3 3	85.198.116.135 85.198.116.135	29182 (RU-JSCIOT...) (RU-JSCIOT JSC IOT)
2 4	195.209.109.27 195.209.109.27	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
2	37.230.131.16 37.230.131.16	200197 (HYBRID-Po...) (HYBRID-Poland HYBRID ADTECH SP.Z.O.O.)
1 2	23.105.255.196 23.105.255.196	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
1	2600:1900:400... 2600:1900:4000:ea00:8000:74:8a0:d2d1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	87.242.127.163 87.242.127.163	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
5	2a02:2d9:3:e::12 2a02:2d9:3:e::12	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
5	151.236.71.248 151.236.71.248	204720 (CDNetwork...) (CDNetworks GLOBAL CLOUD NETWORK LLC)
2	167.235.9.235 167.235.9.235	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
5	2a02:2d9:3:e::32 2a02:2d9:3:e::32	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
2 12	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT JS...) (ADFACT JSC ADFACT)
29	87.245.192.100 87.245.192.100	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
3	2a00:1148:100... 2a00:1148:1000:101:8:3:0:17	47764 (VK-AS LLC VK) (VK-AS LLC VK)
6	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS Rambler Internet Holding LLC)
1	94.103.9.201 94.103.9.201	200904 (FOXCLOUD ...) (FOXCLOUD FOXCLOUD LLP)
1	193.3.184.47 193.3.184.47	50214 (QWARTA QW...) (QWARTA QWARTA LLC)
1	212.41.29.35 212.41.29.35	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
1	5.227.125.249 5.227.125.249	39001 (MTS MTS PJSC) (MTS MTS PJSC)
1	2a02:2d9:3:e::31 2a02:2d9:3:e::31	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
2	2a02:6b8::1be 2a02:6b8::1be	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	193.3.184.43 193.3.184.43	50214 (QWARTA QW...) (QWARTA QWARTA LLC)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
3	5.101.37.37 5.101.37.37	201589 (EdgeAmLLC...) (EdgeAmLLC "EDGEAM" LLC)
2	83.222.14.222 83.222.14.222	25532 (MASTERHOS...) (MASTERHOST-AS LLC "MASTERHOST")
2	195.209.109.11 195.209.109.11	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
1 1	46.243.172.93 46.243.172.93	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
2 2	2606:4700:20:... 2606:4700:20::681a:f1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS...) (ITSOFT-AS ITSOFT LLC)
1 1	80.87.192.36 80.87.192.36	29182 (RU-JSCIOT...) (RU-JSCIOT JSC IOT)
1 2	95.163.92.180 95.163.92.180	12695 (DINET-AS ...) (DINET-AS LLC Digital Network)
1 1	95.163.84.7 95.163.84.7	12695 (DINET-AS ...) (DINET-AS LLC Digital Network)
1 1	83.149.14.208 83.149.14.208	13075 (MEGALABS-...) (MEGALABS-AS PJSC MegaFon)
1 1	2a02:2d8:0:c0... 2a02:2d8:0:c00c::6	9002 (RETN-AS R...) (RETN-AS RETN Limited)
1 1	209.192.201.68 209.192.201.68	7979 (SERVERS-COM) (SERVERS-COM)
8	95.163.41.56 95.163.41.56	47764 (VK-AS LLC VK) (VK-AS LLC VK)
1	65.109.111.89 65.109.111.89	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	83.222.105.230 83.222.105.230	42632 (MNOGOBYTE...) (MNOGOBYTE-AS MnogoByte LLC)
18	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
421	66

66 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

hd.lordseriy.christmas	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.alfasense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 95.181.182.182 (Perm, Russian Federation)

ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU)

cdn.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.41.54 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: otvet-stor-vip.vk.team

otvet.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX YANDEX LLC, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.66.90.75 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK JSC Selectel, RU)

www.vokrug.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a11:27c0:10::182 (Russian Federation)

ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU)

cdn.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 78.140.242.74 (Moscow, Russian Federation)

ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.76 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)

ssp.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2d9:3:e::30 (United Kingdom)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)

instreamvideo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.41.28.228 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

nyfeljad.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 5.255.255.77 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 159.69.59.100 (Nuremberg, Germany) 9 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.100.59.69.159.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.146 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK Citytelecom LLC, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.42.189.197 (Luxembourg) 7 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.132.138.212 (Falkenstein, Germany) 5 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.212.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.184.211 (Russian Federation) 2 redirects

ASN50214 (QWARTA QWARTA LLC, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.132.138.214 (Falkenstein, Germany) 8 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.214.138.132.142.clients.your-server.de

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pxl.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 193.232.150.149 (Russian Federation) 9 redirects

ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU)
PTR: smtp4.senders.yappy.one

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.9 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr14.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:ab00:1103:3a:45:138:161:70 (Russian Federation) 5 redirects

ASN49505 (SELECTEL JSC Selectel, RU)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.175.47.157 (Moscow, Russian Federation) 16 redirects

ASN50340 (SELECTEL-MSK JSC Selectel, RU)

sync.opendsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 217.199.220.43 (Russian Federation) 15 redirects

ASN61400 (NETRACK-AS Start LLC, RU)
PTR: s3.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.34 (Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS MTS PJSC, RU)
PTR: host-34-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 217.66.147.35 (Russian Federation) 12 redirects

ASN29209 (SPBMTS-AS MTS PJSC, RU)
PTR: host-35-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.65.149.228 (Russian Federation) 9 redirects

ASN51115 (HLL-AS HLL LLC, RU)

cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5266145921735246031421.cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8504670341735246031434.cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9633794231735246031422.cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:7bd (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.24.218 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.243.143.249 (Russian Federation) 3 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr02.segmento.ru

mts-dsp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
moevideo-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.139.25.118 (Moscow, Russian Federation) 3 redirects

ASN34959 (PROCLOUD KVIKTEL LLC, RU)

ssp.al-adtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.109.14.96 (Netherlands) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.15.175.144 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Data Storage Center JSC, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.161.189 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.adspector.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdk.adspector.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.14.51 (Bühl, Germany) 2 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.51.14.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.149.242.234 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

cmr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 46.148.230.54 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

rtb.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.140.221 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.lotus-dsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.205 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr05.segmento.ru

videotarget-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.160.0.94 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

sync.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.248.44.211 (Reutov, Russian Federation)

ASN12695 (DINET-AS LLC Digital Network, RU)

s.suprion.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.199.220.72 (Russian Federation) 4 redirects

ASN61400 (NETRACK-AS Start LLC, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.10.90 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.90.10.235.167.clients.your-server.de

sp.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.180.193.90 (Russian Federation) 3 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.154.231.214 (Russian Federation) 2 redirects

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

redirect-frontend.weborama-tech.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 89.108.120.76 (Russian Federation) 11 redirects

ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.189.58.218 (Moscow, Russian Federation) 4 redirects

ASN56630 (MELBICOM-EU-AS Melbikomas UAB, LT)

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.156 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr09.segmento.ru

aidata-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Mannheim, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.19.126 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-19-126.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.198.116.135 (Russian Federation) 3 redirects

ASN29182 (RU-JSCIOT JSC IOT, RU)
PTR: k8s-ingress-2.programmatica.com

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.209.109.27 (Russian Federation) 2 redirects

ASN52007 (ADRIVER LLC AdRiver, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.255.196 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1900:4000:ea00:8000:74:8a0:d2d1 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

partnerabc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.242.127.163 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2d9:3:e::12 (United Kingdom)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)

cdn.instreamvideo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU)

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.9.235 (Bühl, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.235.9.235.167.clients.your-server.de

sp.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2d9:3:e::32 (United Kingdom)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)

inplayer.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2001:6d0:4001::226 (Russian Federation) 2 redirects

ASN52016 (ADFACT JSC ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 87.245.192.100 (Russian Federation)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)
PTR: serv30.mt.viaprog.eu

instreamvideo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:1000:101:8:3:0:17 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)

privacy-cs.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.103.9.201 (Amsterdam, Netherlands)

ASN200904 (FOXCLOUD FOXCLOUD LLP, GB)
PTR: h201-nl9.fcsrv.net

vast.ufouxbwn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.47 (Russian Federation)

ASN50214 (QWARTA QWARTA LLC, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.41.29.35 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

ad.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.227.125.249 (Russian Federation)

ASN39001 (MTS MTS PJSC, RU)

dsp.tigra.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2d9:3:e::31 (United Kingdom)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)

catsnetwork.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1be (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.43 (Russian Federation)

ASN50214 (QWARTA QWARTA LLC, RU)

cdnrtbsape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.101.37.37 (Armenia)

ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM)

cdn1.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.14.222 (Russian Federation)

ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.109.11 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.172.93 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr17.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:f1c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS ITSOFT LLC, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.87.192.36 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT JSC IOT, RU)
PTR: sync12.stbid.ru

1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.92.180 (Russian Federation) 1 redirects

ASN12695 (DINET-AS LLC Digital Network, RU)

match.qtarget.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.84.7 (Russian Federation) 1 redirects

ASN12695 (DINET-AS LLC Digital Network, RU)

const.uno	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.149.14.208 (Russian Federation) 1 redirects

ASN13075 (MEGALABS-AS PJSC MegaFon, RU)

matching.mobilebanner.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2d8:0:c00c::6 (United Kingdom) 1 redirects

ASN9002 (RETN-AS RETN Limited, GB)

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.192.201.68 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.techdsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.163.41.56 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: r.mail.ru

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.111.89 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.89.111.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.105.230 (Russian Federation)

ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU)

bid.adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	lordseriy.christmas hd.lordseriy.christmas	4 MB
49	adlook.me cdn.adlook.me — Cisco Umbrella Rank: 155897 ads.adlook.me — Cisco Umbrella Rank: 14635 stat.adlook.me — Cisco Umbrella Rank: 167292	182 KB
38	mail.ru ad.mail.ru — Cisco Umbrella Rank: 13983 top-fwz1.mail.ru — Cisco Umbrella Rank: 12299 privacy-cs.mail.ru — Cisco Umbrella Rank: 19161	117 KB
37	instreamvideo.ru instreamvideo.ru — Cisco Umbrella Rank: 114176 cdn.instreamvideo.ru — Cisco Umbrella Rank: 229807	84 KB
29	otm-r.com 9 redirects sync.dmp.otm-r.com — Cisco Umbrella Rank: 32479 sync.otm-r.com — Cisco Umbrella Rank: 125858	11 KB
27	mts.ru 27 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 37631 vma.mts.ru — Cisco Umbrella Rank: 40779 cm.a.mts.ru — Cisco Umbrella Rank: 35327 5266145921735246031421.cm.a.mts.ru 8504670341735246031434.cm.a.mts.ru 9633794231735246031422.cm.a.mts.ru	16 KB
26	moe.video nyfeljad.moe.video — Cisco Umbrella Rank: 545489 rtb.moe.video — Cisco Umbrella Rank: 130299 ad.moe.video — Cisco Umbrella Rank: 166058 cdn1.moe.video — Cisco Umbrella Rank: 134585 cdn3.moe.video	98 KB
22	acint.net 13 redirects www.acint.net — Cisco Umbrella Rank: 34249 acint.net — Cisco Umbrella Rank: 25938 mc.acint.net — Cisco Umbrella Rank: 51277 pxl.acint.net — Cisco Umbrella Rank: 128656	30 KB
21	kimberlite.io 15 redirects kimberlite.io — Cisco Umbrella Rank: 36572	12 KB
21	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9443	5 KB
21	yandex.ru 5 redirects mc.yandex.ru — Cisco Umbrella Rank: 4577 yandex.ru — Cisco Umbrella Rank: 1488 an.yandex.ru — Cisco Umbrella Rank: 2611	190 KB
18	yastatic.net yastatic.net — Cisco Umbrella Rank: 7444 Failed	197 KB
17	opendsp.ru 16 redirects sync.opendsp.ru — Cisco Umbrella Rank: 55170	4 KB
12	tns-counter.ru 2 redirects www.tns-counter.ru — Cisco Umbrella Rank: 10978	5 KB
11	aidata.io 11 redirects x01.aidata.io — Cisco Umbrella Rank: 10687	6 KB
11	betweendigital.com 8 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2167	5 KB
9	digitaltarget.ru 5 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 27825	5 KB
9	adhigh.net 9 redirects px.adhigh.net — Cisco Umbrella Rank: 14137	4 KB
8	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 43310 kraken.rambler.ru — Cisco Umbrella Rank: 50537	4 KB
8	adriver.ru 2 redirects ev.adriver.ru — Cisco Umbrella Rank: 39203 content.adriver.ru — Cisco Umbrella Rank: 40751 ad.adriver.ru — Cisco Umbrella Rank: 26126	50 KB
8	ohmy.bid 2 redirects match.ohmy.bid — Cisco Umbrella Rank: 64370 sp.ohmy.bid — Cisco Umbrella Rank: 106901	1 KB
8	adspector.io 3 redirects a.adspector.io — Cisco Umbrella Rank: 76035 sdk.adspector.io — Cisco Umbrella Rank: 239870	52 KB
7	buzzoola.com 5 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 22890	2 KB
7	rutarget.ru 7 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 91693 mts-dsp-sync.rutarget.ru — Cisco Umbrella Rank: 95314 videotarget-sync.rutarget.ru — Cisco Umbrella Rank: 138598 aidata-sync.rutarget.ru — Cisco Umbrella Rank: 559038 moevideo-sync.rutarget.ru — Cisco Umbrella Rank: 820357 solta-sync.rutarget.ru — Cisco Umbrella Rank: 128762	3 KB
6	utraff.com 3 redirects a.utraff.com — Cisco Umbrella Rank: 47708	4 KB
5	inplayer.ru inplayer.ru — Cisco Umbrella Rank: 255771	2 KB
5	top100.ru st.top100.ru — Cisco Umbrella Rank: 63217	40 KB
5	al-adtech.com 3 redirects ssp.al-adtech.com — Cisco Umbrella Rank: 38424	1 KB
5	weborama.fr 5 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11312	648 B
5	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 29813 cdn-rtb.sape.ru — Cisco Umbrella Rank: 99602	3 KB
4	upravel.com 4 redirects sync.upravel.com — Cisco Umbrella Rank: 45467	2 KB
4	solta.io 4 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 66612	966 B
4	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 4687	3 KB
3	mediatoday.ru mediatoday.ru — Cisco Umbrella Rank: 96969	2 KB
3	programmatica.com 3 redirects sync.programmatica.com — Cisco Umbrella Rank: 70653	678 B
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 47107	950 B
3	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 44162	684 B
3	hybrid.ai ssp.hybrid.ai — Cisco Umbrella Rank: 14643 dm-eu.hybrid.ai — Cisco Umbrella Rank: 9774	503 B
2	qtarget.tech 1 redirects match.qtarget.tech — Cisco Umbrella Rank: 102427	311 B
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 61847	3 KB
2	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 12453	248 B
2	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 138017	1 KB
2	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 15372	925 B
2	weborama-tech.ru 2 redirects redirect-frontend.weborama-tech.ru — Cisco Umbrella Rank: 83644	899 B
2	com.ru rtb.com.ru Failed bid.adx.com.ru — Cisco Umbrella Rank: 63252	235 B
2	bidderstack.com cmr.bidderstack.com — Cisco Umbrella Rank: 49291	548 B
2	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 8731	891 KB
2	vokrug.tv www.vokrug.tv	40 KB
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 48458	503 B
1	techdsp.ru 1 redirects sync.techdsp.ru — Cisco Umbrella Rank: 812111	284 B
1	otclick-adv.ru 1 redirects otclick-adv.ru — Cisco Umbrella Rank: 70920	590 B
1	mobilebanner.ru 1 redirects matching.mobilebanner.ru — Cisco Umbrella Rank: 259768	253 B
1	const.uno 1 redirects const.uno — Cisco Umbrella Rank: 96932	303 B
1	stbid.ru 1 redirects 1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru	218 B
1	prodmp.ru 1 redirects prodmp.ru — Cisco Umbrella Rank: 82263	641 B
1	cdnrtbsape.ru cdnrtbsape.ru — Cisco Umbrella Rank: 157907	46 KB
1	catsnetwork.ru catsnetwork.ru — Cisco Umbrella Rank: 163906	493 B
1	tigra.dev dsp.tigra.dev — Cisco Umbrella Rank: 291127	804 B
1	ufouxbwn.com vast.ufouxbwn.com — Cisco Umbrella Rank: 141938	552 B
1	partnerabc.com partnerabc.com — Cisco Umbrella Rank: 462269	38 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 961	185 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 132297	549 B
1	suprion.ru s.suprion.ru — Cisco Umbrella Rank: 121852	252 B
1	lotus-dsp.ru 1 redirects a.lotus-dsp.ru — Cisco Umbrella Rank: 112183	847 B
1	alfasense.com cs.alfasense.com — Cisco Umbrella Rank: 112932	968 B
1	imgsmail.ru otvet.imgsmail.ru — Cisco Umbrella Rank: 305735	732 KB
0	beeline.ru Failed 7452824949490489945-otm.ops.beeline.ru Failed
0	Failed function sub() { [native code] }. Failed
421	68

	Domain	Requested by
65	hd.lordseriy.christmas	hd.lordseriy.christmas
33	ad.mail.ru	cdn.adlook.me cdn.instreamvideo.ru cdn1.moe.video hd.lordseriy.christmas ad.mail.ru
32	instreamvideo.ru	cdn.adlook.me cdn.instreamvideo.ru
28	sync.dmp.otm-r.com	9 redirects
27	stat.adlook.me
21	rtb.moe.video	hd.lordseriy.christmas
21	kimberlite.io	15 redirects hd.lordseriy.christmas cdn1.moe.video
21	mc.yandex.com	3 redirects hd.lordseriy.christmas mc.yandex.ru
18	yastatic.net	yandex.ru
17	sync.opendsp.ru	16 redirects
16	cdn.adlook.me	hd.lordseriy.christmas cdn.adlook.me
12	www.tns-counter.ru	2 redirects cdn.instreamvideo.ru
12	vma.mts.ru	12 redirects
12	www.acint.net	5 redirects cdnrtbsape.ru www.acint.net hd.lordseriy.christmas
12	yandex.ru	cdn.adlook.me cdn.instreamvideo.ru ad.mail.ru yandex.ru
11	x01.aidata.io	11 redirects
11	ads.betweendigital.com	8 redirects cdn.adlook.me hd.lordseriy.christmas
9	dmg.digitaltarget.ru	5 redirects
9	px.adhigh.net	9 redirects
7	exchange.buzzoola.com	5 redirects
6	kraken.rambler.ru
6	a.adspector.io	3 redirects sdk.adspector.io
6	a.utraff.com	3 redirects
6	cm.a.mts.ru	6 redirects
6	sm.rtb.mts.ru	6 redirects
6	ads.adlook.me	cdn.adlook.me
5	inplayer.ru	cdn.instreamvideo.ru
5	st.top100.ru	cdn.instreamvideo.ru
5	cdn.instreamvideo.ru	cdn.adlook.me
5	ssp.al-adtech.com	3 redirects cdn1.moe.video
5	redirect.frontend.weborama.fr	5 redirects
5	mc.acint.net	4 redirects cdnrtbsape.ru
5	mc.yandex.ru	2 redirects hd.lordseriy.christmas yandex.ru
4	ev.adriver.ru	2 redirects hd.lordseriy.christmas
4	sync.upravel.com	4 redirects
4	an.yandex.ru	3 redirects
4	sp.ohmy.bid	cdn.instreamvideo.ru
4	sync.dsp.solta.io	4 redirects
4	match.ohmy.bid	2 redirects
4	acint.net	4 redirects
4	ssp-rtb.sape.ru	2 redirects cdnrtbsape.ru
4	sync.bumlam.com	3 redirects
3	mediatoday.ru	cdn.instreamvideo.ru
3	privacy-cs.mail.ru	ad.mail.ru
3	sync.programmatica.com	3 redirects
3	sync.gonet-ads.com	3 redirects
3	match.new-programmatic.com	1 redirects
2	bid.adx.com.ru	cdn1.moe.video
2	sdk.adspector.io	cdn1.moe.video cdn3.moe.video
2	match.qtarget.tech	1 redirects hd.lordseriy.christmas
2	sync.adspend.space	2 redirects
2	ad.adriver.ru	content.adriver.ru cdn1.moe.video
2	content.adriver.ru	cdn1.moe.video
2	cdn1.moe.video	cdn.instreamvideo.ru cdn.adlook.me
2	ads.adfox.ru
2	sync.rambler.ru	cdn1.moe.video
2	cs.agency2.ru	1 redirects
2	dm-eu.hybrid.ai	cdn1.moe.video
2	top-fwz1.mail.ru	hd.lordseriy.christmas
2	counter.yadro.ru	2 redirects
2	redirect-frontend.weborama-tech.ru	2 redirects
2	cmr.bidderstack.com
2	mts-dsp-sync.rutarget.ru	2 redirects
2	avatars.mds.yandex.net	hd.lordseriy.christmas
2	www.vokrug.tv	hd.lordseriy.christmas
1	cdn3.moe.video	cdn1.moe.video
1	ssp.bidvol.com	cdn1.moe.video
1	sync.techdsp.ru	1 redirects
1	otclick-adv.ru	1 redirects
1	matching.mobilebanner.ru	1 redirects
1	const.uno	1 redirects
1	1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru	1 redirects
1	prodmp.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	moevideo-sync.rutarget.ru	1 redirects
1	pxl.acint.net	hd.lordseriy.christmas
1	cdnrtbsape.ru	cdn.instreamvideo.ru
1	catsnetwork.ru	cdn.instreamvideo.ru
1	dsp.tigra.dev	cdn.instreamvideo.ru
1	ad.moe.video	cdn.instreamvideo.ru
1	cdn-rtb.sape.ru	cdn.instreamvideo.ru
1	vast.ufouxbwn.com	cdn.instreamvideo.ru
1	partnerabc.com
1	9633794231735246031422.cm.a.mts.ru	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	cm.p.altergeo.ru	1 redirects
1	aidata-sync.rutarget.ru	1 redirects
1	s.suprion.ru
1	sync.otm-r.com
1	videotarget-sync.rutarget.ru	1 redirects
1	a.lotus-dsp.ru	1 redirects
1	cs.alfasense.com
1	8504670341735246031434.cm.a.mts.ru	1 redirects
1	5266145921735246031421.cm.a.mts.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	nyfeljad.moe.video	cdn.adlook.me
1	ssp.hybrid.ai	cdn.adlook.me
1	otvet.imgsmail.ru	hd.lordseriy.christmas
0	7452824949490489945-otm.ops.beeline.ru Failed
0	rtb.com.ru Failed
0	gomatching.gomatching-54-prod.svc.cluster.local Failed
421	101

This site contains no links.

Subject Issuer	Validity	Valid
lordseriy.christmas WE1	`2024-12-20` - `2025-03-20`	3 months	crt.sh
*.adlook.me GlobalSign GCC R3 DV TLS CA 2020	`2024-06-28` - `2025-07-30`	a year	crt.sh
*.mail.ru GlobalSign RSA OV SSL CA 2018	`2024-03-04` - `2025-04-05`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-10-20` - `2025-04-01`	5 months	crt.sh
www.vokrug.tv R11	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2024-09-27` - `2025-04-29`	7 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2024-09-04` - `2025-10-05`	a year	crt.sh
instreamvideo.ru R10	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.moe.video AlphaSSL CA - SHA256 - G4	`2024-01-17` - `2025-02-17`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2024-12-04` - `2025-06-03`	6 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-07` - `2025-02-12`	a year	crt.sh
ad.ad-blast.ru R10	`2024-09-30` - `2024-12-29`	3 months	crt.sh
adspector.io WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
match.ohmy.bid R11	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.bidderstack.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-12-13` - `2026-01-14`	a year	crt.sh
alfasense.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
utraff.com WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.otm-r.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-29` - `2025-07-31`	a year	crt.sh
*.suprion.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-30` - `2025-07-01`	a year	crt.sh
sp.ohmy.bid R11	`2024-11-18` - `2025-02-16`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-08-27` - `2025-02-25`	6 months	crt.sh
*.opendsp.ru GlobalSign GCC R6 AlphaSSL CA 2023	`2024-07-31` - `2025-09-01`	a year	crt.sh
*.agency2.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-07-25` - `2025-08-26`	a year	crt.sh
*.digitaltarget.ru E6	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-02-14` - `2025-03-17`	a year	crt.sh
inplayer.ru R10	`2024-11-17` - `2025-02-15`	3 months	crt.sh
vast.ufouxbwn.com E5	`2024-12-22` - `2025-03-22`	3 months	crt.sh
mediatoday.ru R11	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.sape.ru R11	`2024-12-12` - `2025-03-12`	3 months	crt.sh
dsp.tigra.dev R11	`2024-11-23` - `2025-02-21`	3 months	crt.sh
catsnetwork.ru R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2024-11-14` - `2025-04-26`	5 months	crt.sh
*.cdnrtbsape.ru R11	`2024-11-06` - `2025-02-04`	3 months	crt.sh
*.acint.net E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
cdn1.moe.video E5	`2024-12-21` - `2025-03-21`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-03-12` - `2025-04-13`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2024-12-18` - `2026-01-19`	a year	crt.sh
*.kimberlite.io GlobalSign GCC R6 AlphaSSL CA 2023	`2024-02-29` - `2025-04-01`	a year	crt.sh
ssp.bidvol.com E6	`2024-10-06` - `2025-01-04`	3 months	crt.sh
*.adx.com.ru GlobalSign GCC R6 AlphaSSL CA 2023	`2024-06-05` - `2025-07-07`	a year	crt.sh
*.al-adtech.com E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
cdn3.moe.video E5	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2024-07-09` - `2025-02-08`	7 months	crt.sh

This page contains 29 frames:

Primary Page: https://hd.lordseriy.christmas/
Frame ID: A16276CCCF97A56FF00BFDF4F16F552A
Requests: 206 HTTP requests in this frame

Frame: https://cdn.adlook.me/u/cds.html
Frame ID: 846504FBFC10824B51D767B9B7AC8936
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: E3E2F8335ABD7AD2999BEE947D4E5F59
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122&crf=1&rts=-6263180332745787803
Frame ID: 37A108D34E7D605ADC24334FFE01197F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Frame ID: B743AA7BD99FB246C3F0AA28EAD43395
Requests: 43 HTTP requests in this frame

Frame: https://sp.ohmy.bid/cmf?0.21565431461084072
Frame ID: 66782832F3A6A4C11FAAB9DC916E10EF
Requests: 1 HTTP requests in this frame

Frame: https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js
Frame ID: EC3B34F0AA9C75EBBD1305F56F151CB8
Requests: 10 HTTP requests in this frame

Frame: https://mc.acint.net/mc/?dp=131&aid=0400007FCEC06D675305E56C02F09BCD
Frame ID: 9E55BD5D7061009C36EFF62B82911F4A
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&aid=0400007FCEC06D675305E56C02F09BCD
Frame ID: FF7A522CC0955D696DB639AD787A9C38
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.moe.video/player/mvplayer.min.js
Frame ID: 2EE3B04DC34291E22F3EC1D0D1AB4337
Requests: 39 HTTP requests in this frame

Frame: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Frame ID: 8C13915AFFAEFE615DB4177B2C94E4BB
Requests: 8 HTTP requests in this frame

Frame: https://sp.ohmy.bid/cmf?0.027435386337030243
Frame ID: 3ADD8141C3B59BE2038F03BD28214074
Requests: 1 HTTP requests in this frame

Frame: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Frame ID: 69E827C3F9DAB9D7268D3D4F8E5640C8
Requests: 10 HTTP requests in this frame

Frame: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Frame ID: E29EC7EC475540398D9D55B4E434253A
Requests: 10 HTTP requests in this frame

Frame: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Frame ID: C66EF717A918164CCC88255613785436
Requests: 8 HTTP requests in this frame

Frame: https://cdn1.moe.video/player/mvplayer.min.js
Frame ID: 355F3F41C8384A8989F1F82035B3170D
Requests: 16 HTTP requests in this frame

Frame: https://cdn3.moe.video/adspector/wrapper.vpaid.js
Frame ID: FD58AA5FE7056A2283FE9C94D2C69026
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp-vk.js
Frame ID: 76DBDA672EE67C8FB0D41236F49470B7
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/static/sync-loader.js
Frame ID: 3241ABC6FA98083D8845F58A7DDB5B78
Requests: 7 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp-vk.js
Frame ID: 314419D61F940C51ADAE793EC53CB0C1
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/static/sync-loader.js
Frame ID: EFD7624005A22839DA9EB4CCEA5D4C10
Requests: 8 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp.js
Frame ID: BF63E9C98ECC42A9A4DC5662D16AD9F5
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: 457DEE4596C14F9C2E61C6D6B883F55B
Requests: 9 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp.js
Frame ID: 17C10A2FDF3CF654C66C8A61BBF6F405
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: 425ECDF9C054ADB8381B9359A66E7454
Requests: 9 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp.js
Frame ID: 4FFBEB02CC3B547B24C847D94F6956B6
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: 716618602B1BAFE0FFECB0366F9E27E1
Requests: 10 HTTP requests in this frame

Frame: https://cdn.adlook.me/js/vdisp.js
Frame ID: 2C3CD98A453710C856C5BC017BABF625
Requests: 1 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: 6BCFFD6C1E2A765B034D418ABD79427F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ЛордСериал - сериалы смотреть в хорошем качестве бесплатно, без рекламы

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

421
Requests

78 %
HTTPS

20 %
IPv6

68
Domains

101
Subdomains

66
IPs

9
Countries

6956 kB
Transfer

14545 kB
Size

163
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10606.6ZHs54mTonVueA3dVGnr5hVTjoCcCLtJF7hdfoCrIL0iapSSFGxD69vAcBe0YBcZ.UcOS2FTiR-r4oH3xhVDoln_cdOs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10606.S6W7jkxHzWC_n80VjusTeckBgPCXZBdGsOWwI6FpDGYZWD1-rps2clseBSHHevhEh4Jl6zOEZy2nhNyaDVakP-4f0QGs_UaZ8U0Wod-x1gTWLUIR6gNXDsNXiNN8l0R6BMYzRIBtiv1NXQuIrT1XrepkmJhj8eduDYmwJWwUmqb4KQ_CF_Z5voBpz4RjuFqXcewL7S2F5rRFlP94nQMs0qRLIx74ZzwioniLjDce_Es%2C.2mO3kIUQJJLup1B7SyQnqk2SUBA%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10606.nIuuxSBcMBAXqpgg7UzQuSd_KO3n5yM6ZHt2XpFDBt7POKht0Fc-x-qKrvWOs9VeT9vrcm4uNL3LMyy9T-5DutXMd7MraztOWD0GsLQ-6-NGT-R5CyWWjdbnUIgRO0_CtAy7cWT7mBYNazr4n_ZSxcKJ3a5cpbkV5hrkdJ94wtCTSie7uVU9d_NkiqYf20Y11WQ1AiBTYLqon2z6pr3fUQ%2C%2C.qwvXTUsk1ngVqMXS1sT15-X6ZO0%2C

Request Chain 75

https://mc.yandex.com/watch/99270249?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A794929952921%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246030%3Ac%3A1%3Arn%3A189954214%3Arqn%3A1%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A630%3Awv%3A2%3Ads%3A36%2C26%2C305%2C18%2C0%2C0%2C%2C171%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031%3At%3A%D0%9B%D0%BE%D1%80%D0%B4%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20-%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/99270249/1?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A794929952921%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246030%3Ac%3A1%3Arn%3A189954214%3Arqn%3A1%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A630%3Awv%3A2%3Ads%3A36%2C26%2C305%2C18%2C0%2C0%2C%2C171%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031%3At%3A%D0%9B%D0%BE%D1%80%D0%B4%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20-%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Request Chain 92

https://mc.yandex.ru/watch/85660012 HTTP 302
https://mc.yandex.ru/watch/85660012/1

Request Chain 93

https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122 HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122&crf=1&rts=-6263180332745787803

Request Chain 94

https://sync.dmp.otm-r.com/match/aotm.js HTTP 302
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1735246030

Request Chain 95

https://sync.bumlam.com/?src=adlook&uid=02858148e65c4fe2b8e1b07dc3891da5 HTTP 302
https://sync.bumlam.com/?src=adlook&s_data=CAIQARjOgbe7BmIgMDI4NTgxNDhlNjVjNGZlMmI4ZTFiMDdkYzM4OTFkYTWiARCUMNgGw8oR74bgACWQwGR8

Request Chain 97

https://ads.betweendigital.com/match?bidder_id=42122&callback_url=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dbtw%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=42122&callback_url=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dbtw%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=5726549479194430119 HTTP 302
https://ads.adlook.me/csync?pid=btw&uid=9165ef9a-67e1-5269-b9cd-53c0dea0930e

Request Chain 98

https://www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2C03420ACFC06D67FC00615B02485006&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D HTTP 302
https://ads.adlook.me/csync?pid=sape&uid=0400007FCEC06D675305E56C02F09BCD

Request Chain 99

https://acint.net/cmatch/?dp=14&pi=1612784 HTTP 302
https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2B03420ACFC06D67CA00FA7B02BD4706&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14 HTTP 302
https://mc.acint.net/cmatch?dp=14 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0400007FCEC06D675305E56C02F09BCD HTTP 302
https://mc.acint.net/rmatch?dp=17&euid=xHjxiGPTgaI.AikABlGUBLkoiQ&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17 HTTP 302
https://mc.acint.net/cmatch?dp=17 HTTP 302
https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Z9bPLYGrfC-E

Request Chain 100

https://sync.dmp.otm-r.com/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5 HTTP 302
https://sync.dmp.otm-r.com/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&otcm_check=1735246030

Request Chain 101

https://exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=02858148e65c4fe2b8e1b07dc3891da5 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=02858148e65c4fe2b8e1b07dc3891da5

Request Chain 102

https://px.adhigh.net/p/cm/adlook?u=02858148e65c4fe2b8e1b07dc3891da5 HTTP 302
https://px.adhigh.net/p/cm/adlook?u=02858148e65c4fe2b8e1b07dc3891da5&bounced=1 HTTP 302
https://ads.adlook.me/csync?pid=gi&uid=xHjxiGPTgaI.AikABlGUBLkohA

Request Chain 103

https://sync.opendsp.ru/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5 HTTP 302
https://sync.opendsp.ru/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&chk=1 HTTP 302
https://sync.dmp.otm-r.com/match/open_ssp?id=NzM3MzkwOTcwMTNkOTkyMg HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/open_ssp?id=MjczYWMyZTMyOTg5ZTM0Nw HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D HTTP 302
https://exchange.buzzoola.com/cookiesync/dsp/opendsp-video-ex?uid=MjczYWMyZTMyOTg5ZTM0Nw

Request Chain 105

https://kimberlite.io/rtb/sync/adlook?u=02858148e65c4fe2b8e1b07dc3891da5 HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az4zZNWA HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az4zZNWA HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=db9e459a-d975-46f1-affd-9c4570d36f7b&redirect_return_url=https%3A%2F%2Fexchange.buzzoola.com%2Fcookiesync%2Fdsp%2Fstream-banner%3Fuid%3Ddb9e459a-d975-46f1-affd-9c4570d36f7b%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D4%2526ssp%253Dbuzzoola%2526id%253D%2524%257BUUID%257D HTTP 302
https://5266145921735246031421.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=db9e459a-d975-46f1-affd-9c4570d36f7b&redirect_return_url=https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid%3Ddb9e459a-d975-46f1-affd-9c4570d36f7b%26url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D4%2526ssp%253Dbuzzoola%2526id%253D%2524%257BUUID%257D HTTP 302
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=db9e459a-d975-46f1-affd-9c4570d36f7b&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=15b76273-0e5d-4f72-6b22-51f68c73d6b7 HTTP 301
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3 HTTP 307
https://a.utraff.com/sync?ssp=3046&id=Z23Az2Dd1cc HTTP 302
https://kimberlite.io/rtb/sync/utraff2?u=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6 HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az2Dd1cc HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az2Dd1cc HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D5%2526ssp%253Dweborama%2526id%253D%257BWEBO_CID%257D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=5&ssp=weborama&id=zHNpgJfaVvvQlmMwAQV9Bu HTTP 301
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3 HTTP 307
https://sync.dmp.otm-r.com/match/kimberlite?id=Z23Az2Dd1cc HTTP 302
https://kimberlite.io/rtb/sync/beeline?u=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

Request Chain 106

https://kimberlite.io/rtb/syncd HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az2Dd1cc HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az2Dd1cc HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://8504670341735246031434.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https://mts-dsp-sync.rutarget.ru/sync?callback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=5flcP_MzxoWQ HTTP 301
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3

Request Chain 107

https://ssp.al-adtech.com/api/sync/adlook HTTP 302
https://ads.adlook.me/csync?pid=alab&uid=bd085086-5b59-450a-801e-4a8ea946b539

Request Chain 108

https://sync.gonet-ads.com/match/Adlook?id=02858148e65c4fe2b8e1b07dc3891da5 HTTP 302
https://sync.gonet-ads.com/match/Adlook?id=02858148e65c4fe2b8e1b07dc3891da5&chk=1 HTTP 302
https://dmg.digitaltarget.ru/1/7526/i/i?a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7526/i/i?call_source=awg&ts=1735246031206&a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me

Request Chain 120

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=2857787734 HTTP 302
https://sync.dmp.otm-r.com/match/weborama?id=zHNpgJfaVvvQlmMwAQV9Bu

Request Chain 121

https://a.adspector.io/sync?ssp=27&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://kimberlite.io/rtb/syncd HTTP 307
https://www.acint.net/rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3D%26n%3D2 HTTP 302
https://kimberlite.io/rtb/sync/sape?u=0400007FCEC06D675305E56C02F09BCD&f=&n=2

Request Chain 125

https://a.lotus-dsp.ru/sync?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&ssp=BeelineADX HTTP 302
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4887f1df-d1fe-4ea8-bbd8-918af72363ae&i=9845507015835721876

Request Chain 126

https://sync.opendsp.ru/match/OTM_bannner?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.opendsp.ru/match/OTM_bannner?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1 HTTP 302
https://sync.dmp.otm-r.com/match/open_ssp?id=NDliM2U1ZDE1MTljMTg4Mw HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e HTTP 302
https://a.utraff.com/sync?ssp=3368

Request Chain 127

https://sm.rtb.mts.ru/p?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&ssp=otmvid HTTP 301
https://vma.mts.ru/match/second?ssp=26&exu=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D26%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
https://vma.mts.ru/em?next=26&em=3&ssp=segmento&id=Z9bPLYGrfC-E HTTP 301
https://sync.dmp.otm-r.com/match/stream?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3

Request Chain 128

https://videotarget-sync.rutarget.ru/sync HTTP 302
https://sync.dmp.otm-r.com/match/segmento?id=5flcP_MzxoWQ

Request Chain 131

https://a.adspector.io/sync?ssp=24&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/adspector?id=a259530f-6729-4e22-8d0f-4df6394ff7d0

Request Chain 132

https://px.adhigh.net/p/cm/otm_video HTTP 302
https://px.adhigh.net/p/cm/otm_video?bounced=1 HTTP 302
https://sync.dmp.otm-r.com/match/getintent?id=xHjxiGPTgaI.AikABlGUBLkoiQ

Request Chain 135

https://sync.gonet-ads.com/match/OTM?rid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQwOWIxYzg5MzZhOTNkNQ

Request Chain 136

https://a.utraff.com/sync?ssp=3031&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/umg_display?id=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6

Request Chain 140

https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1 HTTP 302
https://kimberlite.io/rtb/sync/iage?u=MmExYTQwY2VlM2UxZDhmYw HTTP 307
https://a.utraff.com/sync?ssp=3046&id=Z23Az2Dd1cc HTTP 302
https://kimberlite.io/rtb/sync/utraff2?u=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6 HTTP 307
https://sync.dmp.otm-r.com/match/solta_banner_video?id=Z23Az2Dd1cc

Request Chain 144

https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D{WEBO_CID} HTTP 307
https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=3228652405 HTTP 302
https://sync.dmp.otm-r.com/match/weborama_newUrl?id=ahq7pwAUnLxloClwmtdB3u

Request Chain 145

https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&bounce=1 HTTP 302
https://px.adhigh.net/p/cm/aidata?u=3fFichlD25pd8kOpsSRBrA&back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=GETINTENT&id=xHjxiGPTgaI.AikABlGUBLkoiQ&back=SYNC HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC HTTP 302
https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D HTTP 302
https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D&back=SYNC HTTP 302
https://sync.upravel.com/aidata/sync?back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=MGCOM&id=fb19b462-1c8f-495b-9393-c17f0bbe89c6&back=SYNC HTTP 302
https://aidata-sync.rutarget.ru/sync?back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=SEGMENTO&id=5flcP_MzxoWQ&back=SYNC HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/3fFichlD25pd8kOpsSRBrA?sign=3168579214&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC HTTP 302
https://x01.aidata.io/0.gif?pid=SYNC HTTP 302
https://cm.p.altergeo.ru/aidata?aid=3fFichlD25pd8kOpsSRBrA&nc=3974&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC HTTP 302
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMttwQlld2QReBf3gP4e+dtA==&rnd=bbe94301&back=SYNC HTTP 302
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/gdpr=0/gdpr_consent=DAISYBIT/?https://x01.aidata.io/0.gif?pid=LOTAME&id=${profile_id}&back=SYNC HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=&back=SYNC HTTP 302
https://top-fwz1.mail.ru/counter?id=3202981;pid=3fFichlD25pd8kOpsSRBrA

Request Chain 146

https://sync.programmatica.com/match/OTM?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.programmatica.com/match/OTM?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1 HTTP 302
https://sync.dmp.otm-r.com/match/programmatica?id=NzNkM2Q4MTVmYjJiYmEyNQ

Request Chain 149

https://kimberlite.io/rtb/sync/otm?u=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 307
https://sync.dsp.solta.io/match/kimberlite?id=Z23Az2Dd1cc HTTP 302
https://dmg.digitaltarget.ru/1/7518/i/i?a=1042&e=MmExYTQwY2VlM2UxZDhmYw&i=af7391f7pllz HTTP 307
https://sync.dsp.solta.io/match/dmp_amberdata?fp= HTTP 302
https://kimberlite.io/rtb/sync/iage?u=MmExYTQwY2VlM2UxZDhmYw HTTP 307
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3D%26n%3D2 HTTP 302
https://kimberlite.io/rtb/sync/buzzoola?u=15b76273-0e5d-4f72-6b22-51f68c73d6b7&f=&n=2

Request Chain 150

https://match.ohmy.bid/cm?ssp=otm&redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fohmybids_new%3Fid%3D%7Buid%7D HTTP 302
https://sync.dmp.otm-r.com/match/ohmybids_new?id=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd

Request Chain 151

https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.dmp.otm-r.com/match/vihub1?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e

Request Chain 152

https://an.yandex.ru/mapuid/videonowssp/ HTTP 302
https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=92E427D737B3D8F7

Request Chain 153

https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e HTTP 302
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e HTTP 302
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=oet5178v3jz4&e=MjczYWMyZTMyOTg5ZTM0Nw

Request Chain 154

https://sync.upravel.com/image?source=otm&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D HTTP 302
https://sync.upravel.com/image?source=otm&id=Njc2ZGMwY2UwNzhjOWE1OQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9oZC5sb3Jkc2VyaXkuY2hyaXN0bWFzLyJdfX0= HTTP 302
https://sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D

Request Chain 155

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-6286784521 HTTP 302
https://sync.dmp.otm-r.com/match/adriver.img?id=AWje7oQcXFqJsHfkL7D7gpg

Request Chain 157

https://cs.agency2.ru/p?ssp=ot&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 301
https://sync.dmp.otm-r.com/match/adwist_a2?id=b7112153-730b-4fb9-ade6-d858260c75cb

Request Chain 158

https://www.acint.net/rmatch?dp=68&euid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.dmp.otm-r.com/match/sape_stable?id=0400007FCEC06D675305E56C02F09BCD

Request Chain 159

https://ssp.al-adtech.com/api/sync/otm HTTP 302
https://sync.dmp.otm-r.com/match/astralab?id=f07130e7-2901-4aaf-9730-eb2ed2851eac HTTP 302
https://ssp.al-adtech.com/api/openrtb/match/otm?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

Request Chain 160

https://sync.opendsp.ru/match/otm_wl?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.opendsp.ru/match/otm_wl?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=MjczYWMyZTMyOTg5ZTM0Nw HTTP 301
https://vma.mts.ru/match/second?ssp=67&exu=MjczYWMyZTMyOTg5ZTM0Nw HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=2ace4a0d-281c-4c62-9e94-4598214900df&redirect_return_url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7673%2Fi%2Fi%3Fa%3D3680%26e%3D2ace4a0d-281c-4c62-9e94-4598214900df%26i%3D6136%26redirect%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D6%2526ssp%253Damberdata HTTP 302
https://9633794231735246031422.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=2ace4a0d-281c-4c62-9e94-4598214900df&redirect_return_url=https://dmg.digitaltarget.ru/1/7673/i/i?a%3D3680%26e%3D2ace4a0d-281c-4c62-9e94-4598214900df%26i%3D6136%26redirect%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D6%2526ssp%253Damberdata HTTP 302
https://dmg.digitaltarget.ru/1/7673/i/i?a=3680&e=2ace4a0d-281c-4c62-9e94-4598214900df&i=6136&redirect=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D6%26ssp%3Damberdata HTTP 307
https://vma.mts.ru/em?next=67&em=6&ssp=amberdata HTTP 301
https://sync.opendsp.ru/match/mts_dsp?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2FPartnerABC.com%2Fusersync%20%3Fwebouuid%3DMjczYWMyZTMyOTg5ZTM0Nw HTTP 302
https://partnerabc.com/usersync%20?webouuid=MjczYWMyZTMyOTg5ZTM0Nw

Request Chain 161

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/snp?id=9430d806-c3ca-11ef-86e0-002590c0647c

Request Chain 162

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D HTTP 302
https://sync.dmp.otm-r.com/match/bazzoola?id=15b76273-0e5d-4f72-6b22-51f68c73d6b7

Request Chain 174

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ HTTP 302
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Request Chain 175

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081 HTTP 302
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

Request Chain 233

https://moevideo-sync.rutarget.ru/sync HTTP 302
https://rtb.moe.video/cs?b=5flcP_MzxoWQ&d=1

Request Chain 235

https://sync.bumlam.com/?src=mvn&uid=0c681268701b0bac356f HTTP 302
https://rtb.moe.video/cs?b=9430d806-c3ca-11ef-86e0-002590c0647c&d=3

Request Chain 236

https://kimberlite.io/rtb/sync/moevideo HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=5flcP_MzxoWQ HTTP 307
https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

Request Chain 237

https://kimberlite.io/rtb/sync/moevideo HTTP 307
https://px.adhigh.net/p/cm/solta?u=Z23Az2Dd1cc HTTP 302
https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ HTTP 307
https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

Request Chain 238

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D6%26b%3D%24%7BUUID%7D HTTP 302
https://rtb.moe.video/cs?d=6&b=15b76273-0e5d-4f72-6b22-51f68c73d6b7

Request Chain 239

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D7%26b%3D%24%7BUSER_ID%7D HTTP 302
https://rtb.moe.video/cs?d=7&b=9165ef9a-67e1-5269-b9cd-53c0dea0930e

Request Chain 241

https://px.adhigh.net/p/cm/moevideo HTTP 302
https://rtb.moe.video/cs?d=9&b=xHjxiGPTgaI.AikABlGUBLkoiQ

Request Chain 242

https://sync.upravel.com/moevideo/sync HTTP 302
https://rtb.moe.video/cs?d=10&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Request Chain 243

https://sm.rtb.mts.ru/p?ssp=moevideo&id=0c681268701b0bac356f HTTP 301
https://vma.mts.ru/match/second?ssp=22&exu=0c681268701b0bac356f HTTP 301
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D22%2526em%253D5%2526ssp%253Dweborama%2526id%253D%257BWEBO_CID%257D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D22%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D HTTP 302
https://vma.mts.ru/em?next=22&em=5&ssp=weborama&id=zHNpgJfaVvvQlmMwAQV9Bu HTTP 301
https://rtb.moe.video/cs?d=11&b=4e3a013e-68ff-4b12-875a-89173dbfe1f3

Request Chain 244

https://sync.dmp.otm-r.com/match/moevideo HTTP 302
https://rtb.moe.video/cs?d=12&b=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

Request Chain 245

https://sync.adspend.space/moevideo?uid=0c681268701b0bac356f HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Dce62c442-7970-477b-b74e-9fa906abdf48%26i%3D64431682377785435%26r%3Dhttps%253A%252F%252Fprodmp.ru%252Fadspend-sync.gif%253Fdsp_provider_id%253D2%2526uid%253Dce62c442-7970-477b-b74e-9fa906abdf48%2526r%253Dhttps%25253A%25252F%25252Frtb.moe.video%25252Fcs%25253Fd%25253D13%252526b%25253Dce62c442-7970-477b-b74e-9fa906abdf48 HTTP 302
https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=ce62c442-7970-477b-b74e-9fa906abdf48&i=64431682377785435&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Dce62c442-7970-477b-b74e-9fa906abdf48%26r%3Dhttps%253A%252F%252Frtb.moe.video%252Fcs%253Fd%253D13%2526b%253Dce62c442-7970-477b-b74e-9fa906abdf48 HTTP 307
https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=ce62c442-7970-477b-b74e-9fa906abdf48&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D13%26b%3Dce62c442-7970-477b-b74e-9fa906abdf48 HTTP 302
https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=ce62c442-7970-477b-b74e-9fa906abdf48&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Dce62c442-7970-477b-b74e-9fa906abdf48%26i%3D1735246034446%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fdmpmediadesk%252Fce62c442-7970-477b-b74e-9fa906abdf48%253Fsign%253D1e1e3d48%2526location%253Dhttps%25253A%25252F%25252F1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru%25252F%25253Fr%25253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228&version=2.0 HTTP 302
https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=ce62c442-7970-477b-b74e-9fa906abdf48&i=1735246034446&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fce62c442-7970-477b-b74e-9fa906abdf48%3Fsign%3D1e1e3d48%26location%3Dhttps%253A%252F%252F1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru%252F%253Fr%253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228 HTTP 307
https://an.yandex.ru/mapuid/dmpmediadesk/ce62c442-7970-477b-b74e-9fa906abdf48?sign=1e1e3d48&location=https%3A%2F%2F1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru%2F%3Fr%3Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228 HTTP 302
https://1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228 HTTP 302
https://top-fwz1.mail.ru/counter?id=3138228

Request Chain 246

https://ssp.al-adtech.com/api/sync/myvideo HTTP 302
https://rtb.moe.video/cs?d=14&b=3875a1fc-4f14-4f9b-83fd-de202c192f50

Request Chain 247

https://match.qtarget.tech/userbind?src=moevideo&id=0c681268701b0bac356f HTTP 302
https://const.uno/p.gif?p=35&id=&r=1&url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D15%26b%3D HTTP 302
https://matching.mobilebanner.ru/p.gif?pid=target-https-qm&euid=&re=1&id=&rt=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D15%26b%3D HTTP 302
https://rtb.moe.video/cs?d=15&b=

Request Chain 248

https://sync.programmatica.com/match/MoeVideo?id=0c681268701b0bac356f HTTP 302
https://kimberlite.io/rtb/sync/programmatica?u=NzNkM2Q4MTVmYjJiYmEyNQ HTTP 307
https://px.adhigh.net/p/cm/solta?u=Z23Az2Dd1cc HTTP 302
https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ

Request Chain 249

https://match.new-programmatic.com/userbind?src=moevideo&id=0c681268701b0bac356f HTTP 302
https://rtb.moe.video/cs?d=19&b=

Request Chain 250

https://www.acint.net/rmatch?dp=115&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D20%26b%3D%24%7BUSER_ID%7D HTTP 302
https://rtb.moe.video/cs?d=20&b=0400007FCEC06D675305E56C02F09BCD

Request Chain 251

https://acint.net/cmatch?dp=115 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007FCEC06D675305E56C02F09BCD

Request Chain 253

https://sync.upravel.com/moevideo_outstream/sync HTTP 302
https://rtb.moe.video/cs?d=22&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Request Chain 254

https://sync.opendsp.ru/match/Moevideo?id=0c681268701b0bac356f HTTP 302
https://mc.acint.net/cmatch?dp=226&euid=MjczYWMyZTMyOTg5ZTM0Nw HTTP 302
https://match.qtarget.tech/userbind?src=sape&id=0400007FCEC06D675305E56C02F09BCD

Request Chain 255

https://a.adspector.io/sync?ssp=22 HTTP 302
https://rtb.moe.video/cs?d=25&b=a259530f-6729-4e22-8d0f-4df6394ff7d0

Request Chain 256

https://otclick-adv.ru/core/match.gif?s=54&reference=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D26%26b%3D%23%7BUID%7D HTTP 302
https://rtb.moe.video/cs?d=26&b=VUf9hvCPZuAANkV

Request Chain 257

https://sync.techdsp.ru/sync?src=mvn&uid=0c681268701b0bac356f HTTP 302
https://x01.aidata.io/0.gif?pid=0914828&id=PFcosvbaT-qj18vUdp8AVg&dest=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D27%26b%3DPFcosvbaT-qj18vUdp8AVg HTTP 302
https://rtb.moe.video/cs?d=27&b=PFcosvbaT-qj18vUdp8AVg

Request Chain 258

https://sync.upravel.com/moevideo_nord/sync HTTP 302
https://rtb.moe.video/cs?d=28&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Request Chain 261

https://match.ohmy.bid/cm?ssp=mvban HTTP 302
https://rtb.moe.video/cs?d=31&b=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd

421 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
hd.lordseriy.christmas/ 92 KB
14 KB 368ms
306ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0298063828b5c9d2f0f8baf12593ca4c4fbc9b193262f2456fe5a81d5783f6a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f83eca3d9989f36-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 26 Dec 2024 20:47:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 26 Dec 2024 19:02:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFnTIUBFvR5iB9YP9L8YZme2NFqW0UL6cGpsOX8FyLi8utiuEFZAhGXUpyVFo%2F1kdjDHiIXRXskYI%2FF2GJrvt5EegzSHDI6C1OxkoiGyl0KtT3wvWwbobWrAPh%2BBEghxA4E%2BlqrVfGG%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18091&min_rtt=17951&rtt_var=2945&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4244&recv_bytes=4493&delivery_rate=650&cwnd=12000&unsent_bytes=0&cid=7fdac26912339378&ts=312&x=1" cfExtPri cfHdrFlush;dur=0
vary: accept-encoding

GET
H3 200 common.css
hd.lordseriy.christmas/templates/LordFilm/css/ 14 KB
5 KB 93ms
93ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/css/common.css?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa331b82ec7032bae6b10e0f8da001719b7f772dc37cdd3854f68f429bfa3af6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiBphQQg24Fm4X4nIXTRUYljilz0SBN6osYL52TiBNsHj%2BCwqqQ7CFMjfJnXJvRXT%2F71B9WJMEpZxWHI0dM2zMdwqOTG%2BcxudY7CUjx871v2lweLjzlhbddgdTZr3kYeok6QAdppYl7l"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5cbc09f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18738&min_rtt=17762&rtt_var=1113&sent=56&recv=31&lost=0&retrans=0&sent_bytes=48615&recv_bytes=10344&delivery_rate=214916&cwnd=21600&unsent_bytes=0&cid=7fdac26912339378&ts=409&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/css
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 styles.css
hd.lordseriy.christmas/templates/LordFilm/css/ 34 KB
10 KB 126ms
125ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/css/styles.css?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825e10ab8fc9623184a11e0e73f0aefb1d82a8a8a62c7da9a0712ddbdefae52f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JU3uXscb6ZRqYgwPyvHaSf5%2BgY%2BkDySQsxfr4L39MChx%2BdPStQwUdtRbDG4wqCGsjqPKmpdl7Cf7sh4Tsu4PBY9CveEE3WUoSBxuaFsQr970HUSfMV%2BhJXnwcUYpDF5QXPfunoJT2ZI4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5cbc29f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18840&min_rtt=17762&rtt_var=855&sent=95&recv=37&lost=0&retrans=0&sent_bytes=89415&recv_bytes=10602&delivery_rate=341345&cwnd=39600&unsent_bytes=0&cid=7fdac26912339378&ts=429&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/css
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 responsive.css
hd.lordseriy.christmas/templates/LordFilm/css/ 6 KB
3 KB 109ms
108ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/css/responsive.css?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c12c737014a966e77027c3cc393a8ec11837757d890f05ec49c66c921c1066

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wb0g7vBF0jDaJwhkvA70a9rLBzk5ftjpj4QqhhTaw6iN4C4LtY3ULxkhMEGA%2F%2FPn%2BRaMMaV%2FTXtAtlguYz%2BDk7SDHPKGvq2bzV1AlYcmXKazL8cEiveG4P8R8s8V%2BaZSqyDdI56b9kZJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5ebe29f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18738&min_rtt=17762&rtt_var=1113&sent=60&recv=31&lost=0&retrans=0&sent_bytes=52321&recv_bytes=10344&delivery_rate=214916&cwnd=21600&unsent_bytes=0&cid=7fdac26912339378&ts=422&x=1", cfExtPri, cfHdrFlush;dur=3
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/css
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 engine.css
hd.lordseriy.christmas/templates/LordFilm/css/ 29 KB
9 KB 130ms
129ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/css/engine.css?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a421a209ce3dbffc4eb6f2ff8259e5ad942cc8fd943287c5b0aa49e45726aeb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3B49RIyXPnJlbsAL9dIUk3UQtt4jmEBvLec%2FHSSiuYv8Z04u1bKaM48syjFSfB5WJ5wXb4O%2FzOQ7f2qnbWF%2FGQ5aYCo46a6GWt6qlX1vgyf9Z4mo13yH3StoiHe175ActdR1cWxLfPQn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5ebe49f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18436&min_rtt=17762&rtt_var=784&sent=112&recv=41&lost=0&retrans=0&sent_bytes=108448&recv_bytes=10774&delivery_rate=758445&cwnd=49200&unsent_bytes=0&cid=7fdac26912339378&ts=445&x=1", cfExtPri, cfHdrFlush;dur=2
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/css
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 fontawesome.css
hd.lordseriy.christmas/templates/LordFilm/css/ 85 KB
19 KB 156ms
155ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/css/fontawesome.css?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df16275ce5a3280de569354facea42a4a2d2acdc270b19c54721e8149286e443

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hd2aVJr7yUMTp34f9vMCBUSZz4CCifdVaUa5cb2pD5KZAWQ6nY%2Ff4v6PnN60IxMqcLBZma0Eh2Yw1e68J3ES%2FVLkh6ax%2FamgRWPbnbKJJZjmZ%2FLOOyZ50TTGORb7WSVAbG5vXtRsLE7U"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5ebec9f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18624&min_rtt=17762&rtt_var=679&sent=211&recv=46&lost=0&retrans=0&sent_bytes=221372&recv_bytes=10999&delivery_rate=3370106&cwnd=114000&unsent_bytes=0&cid=7fdac26912339378&ts=473&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/css
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=0,i=?0

GET
H3 200 inter-400.woff2
hd.lordseriy.christmas/templates/LordFilm/webfonts/ 21 KB
21 KB 109ms
108ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/webfonts/inter-400.woff2
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4152910b13961b0102aa8bcf50d5f02c7def843989cfd0f146d98cc6baa4cec7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cNfvhTThylfqBqz4Ag0Y15qjJV8Niyd1quvCsyfpJC9h99QQZ0HmTz%2FD7EF5Dm1tJu641%2B9djVNgoj1VIJJ9eaA9ZMHxfD9LlwqzXTkAwZ%2Fk9AGl98UmUJRKmNSpl%2Biy3YrifZx6T6c"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5ebed9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18738&min_rtt=17762&rtt_var=1113&sent=60&recv=31&lost=0&retrans=0&sent_bytes=52321&recv_bytes=10344&delivery_rate=214916&cwnd=21600&unsent_bytes=0&cid=7fdac26912339378&ts=423&x=1", cfExtPri, cfHdrFlush;dur=2
content-length: 21220
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: font/woff2
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 inter-500.woff2
hd.lordseriy.christmas/templates/LordFilm/webfonts/ 22 KB
23 KB 126ms
125ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/webfonts/inter-500.woff2
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a286cfd80d5b17b289151f1ae9adac07d41a6905c2f8f364d571196832d90b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfONwRPeGjgpB4tJDpByCzlHQ3kVnUtOflE4Lke9El0ldnZ%2Fe6Og7eCorMwfFvjQxvwSziERp5z1J78Af1CbbBHOLa0KpMRB00tuA49JDuFXV7ws01tvibAVWgjRht%2Bvn5WpqJFJ65wq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5cbc49f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18840&min_rtt=17762&rtt_var=855&sent=95&recv=37&lost=0&retrans=0&sent_bytes=89415&recv_bytes=10602&delivery_rate=341345&cwnd=39600&unsent_bytes=0&cid=7fdac26912339378&ts=433&x=1", cfExtPri, cfHdrFlush;dur=10
content-length: 22572
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: font/woff2
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 oswald-700.woff2
hd.lordseriy.christmas/templates/LordFilm/webfonts/ 14 KB
15 KB 130ms
129ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/webfonts/oswald-700.woff2
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a177fb77ed883beb3d923c055508a3db8e4846458985ec2165b00a0d750ccda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aKUlA5U5GzNd5twndfq3FjHFM1X9R0HlfJWIoet2EjuVt8y0N8HvKKp6zZAGoJnGPelGq6GQEJws0B6Dxfy4zAxmk19OUAAEjjjWWe5ED%2FUMfpbARYb2%2BL7IOpcHxTo9fXi2rblNIR1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5fc049f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18840&min_rtt=17762&rtt_var=855&sent=95&recv=37&lost=0&retrans=0&sent_bytes=89415&recv_bytes=10602&delivery_rate=341345&cwnd=39600&unsent_bytes=0&cid=7fdac26912339378&ts=435&x=1", cfExtPri, cfHdrFlush;dur=8
content-length: 14320
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: font/woff2
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 Righteous-Regular.woff2
hd.lordseriy.christmas/templates/LordFilm/webfonts/ 15 KB
16 KB 131ms
130ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/webfonts/Righteous-Regular.woff2
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92b726bc2473d43af2279c01bcc9ec3f5deda614a7a172ded06a4d59a23dd95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9aNYJxAZfUHZMuJkboCj%2FWzt%2FzgN94imU2xgv9egVG%2B%2Bn1ug3QtfDx2zTez3fC4eI4piehd2Sc%2BUVK8TH8QVD4lf8WWGz%2FrGoHHabQPuLfgEz%2FgggCszM3Naqzkj09yLHu9uPsQh514"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5fc089f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18840&min_rtt=17762&rtt_var=855&sent=95&recv=37&lost=0&retrans=0&sent_bytes=89415&recv_bytes=10602&delivery_rate=341345&cwnd=39600&unsent_bytes=0&cid=7fdac26912339378&ts=439&x=1", cfExtPri, cfHdrFlush;dur=4
content-length: 15456
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: font/woff2
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 fa-solid-900.woff2
hd.lordseriy.christmas/templates/LordFilm/webfonts/ 134 KB
135 KB 169ms
168ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/webfonts/fa-solid-900.woff2
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BBGE1sy9lNqhkEMnQ2Ee3u5tJRtEVV8KrIiaI2GPa2Bn6hf2kbN%2FL9KIq0lK7bQzach2obMOcncxUOAMOZ17%2FPTvJUha%2FgTH0DzeB1L6ut8QSR9H%2Fy69QqU%2BysxkhSwuAAP0ijIRBL6"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5fc0b9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18440&min_rtt=17762&rtt_var=342&sent=229&recv=51&lost=0&retrans=0&sent_bytes=241628&recv_bytes=11224&delivery_rate=4705432&cwnd=114000&unsent_bytes=0&cid=7fdac26912339378&ts=487&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 137704
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: font/woff2
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H2 200 rlf.js Show response
cdn.adlook.me/js/ 81 KB
23 KB 578ms
57ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/rlf.js
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 0106b546c8e99146c94fceff7190c39d1173cca103f14a452f544f3bf91fe328

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "80b7e6e7f431db1:0"
accept-ranges: bytes
content-length: 23444
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Fri, 08 Nov 2024 15:43:07 GMT
server: nginx
x-cached-since: 2024-12-26T20:40:30+00:00
vary: Accept-Encoding

GET
H/1.1 200
OK 8ae2b883de5a162923ffe69c8af9171e_h-1400.gif
otvet.imgsmail.ru/download/ 732 KB
732 KB 316ms
183ms Image
image/gif 95.163.41.54
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otvet.imgsmail.ru/download/8ae2b883de5a162923ffe69c8af9171e_h-1400.gif
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.41.54 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: otvet-stor-vip.vk.team
Software: nginx/portaladmins /
Resource Hash: cf736dd3b4c933471a0b3ec8bd86ae06a43696ea218247c028f81b286928a38c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

ETag: "5ce86b12-b6f98"
Connection: keep-alive
Access-Control-Allow-Methods: GET, OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 749464
Date: Thu, 26 Dec 2024 20:47:09 GMT
Content-Type: image/gif
Last-Modified: Fri, 24 May 2019 22:07:14 GMT
Server: nginx/portaladmins
Access-Control-Allow-Headers: Content-Type, If-Modified-Since, Last-Modified

GET
H3 200 index.php Show response
hd.lordseriy.christmas/engine/classes/min/ 88 KB
31 KB 58ms
58ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/engine/classes/min/index.php?g=general3&v=57a20
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9dbe74cf540c4cfc329a704fae9092273a28f29864d082c231b02939ea8a2f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "pub1734241350;gz"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLUf9NKTD3N1AtUmlGwpxCsT2cqp1YRYTOgM6LJ8KkZzS6Iw7hBRx1WrVdOnX81tq6A8nlG3ARxCvFvATjOoz3CNt92jw82IEleX6Y2bqXSYAoxIeW0n%2B0yM1rd5tfnOaXshkepD5j%2BW"}],"group":"cf-nel","max_age":604800}
expires: Fri, 26 Dec 2025 20:47:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19321&min_rtt=17762&rtt_var=2122&sent=31&recv=26&lost=0&retrans=0&sent_bytes=18721&recv_bytes=10129&delivery_rate=659987&cwnd=14400&unsent_bytes=0&cid=7fdac26912339378&ts=389&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 05:42:30 GMT
priority: u=2,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f83eca5dbd79f36-FRA
server: cloudflare

GET
H3 200 index.php Show response
hd.lordseriy.christmas/engine/classes/min/ 165 KB
44 KB 99ms
98ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js&v=57a20
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ce78cbd86acda1d046f3bf2da112ae3f193ab0790eb0e1c75bd25f33988006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: "pub1734241350;gz"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEQRKY9vZbSIPWUTd1u3BAjWqwhdppdGgIQOdkBFgEtOh02G63YbTm3nKheyjptbxpUrYVmjYtpuR9ERA5yzViJcA%2F2vtQ3aJXGYnTgYd04O1fzRdIAHmEMOaZZwBIHg7LJlruPlFupx"}],"group":"cf-nel","max_age":604800}
expires: Fri, 26 Dec 2025 20:47:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18738&min_rtt=17762&rtt_var=1113&sent=60&recv=31&lost=0&retrans=0&sent_bytes=52321&recv_bytes=10344&delivery_rate=214916&cwnd=21600&unsent_bytes=0&cid=7fdac26912339378&ts=424&x=1", cfExtPri, cfHdrFlush;dur=1
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 05:42:30 GMT
priority: u=3,i=?0
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f83eca5dbda9f36-FRA
server: cloudflare

GET
H3 200 libs.js Show response
hd.lordseriy.christmas/templates/LordFilm/js/ 12 KB
5 KB 97ms
96ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/js/libs.js?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29394a57a49c70f3856e2fa7ee7d32bc222339abd2f6ee6dc84d7694a835cf8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzHheORBwBBpE5rTifoZIJCNIHrAc05OH%2BXU5Hh3P3%2F0FbbP360ec5W1C0oM%2Fyeh8xrAHJkPtgEli%2FvReZL1B8ofkq2DmEQW7N%2BfLD3lk6fEr37ZraQ%2Fm9kwuXopVv3kn76qyDKP%2FYFz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca5dbdb9f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18738&min_rtt=17762&rtt_var=1113&sent=60&recv=31&lost=0&retrans=0&sent_bytes=52321&recv_bytes=10344&delivery_rate=214916&cwnd=21600&unsent_bytes=0&cid=7fdac26912339378&ts=415&x=1", cfExtPri, cfHdrFlush;dur=10
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/javascript
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 owl-carousel.js Show response
hd.lordseriy.christmas/templates/LordFilm/js/ 44 KB
13 KB 131ms
131ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/js/owl-carousel.js?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f3c8dd098ed6e340deb2bfd4bd17a6ec0a33cc0bcff2bebbfb9214658f6671

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GnsoAh0N4%2FmvFzWWwS%2FaVuFAlfy8B2IKxS0a5ZnhQ7xOiyA1H3AiJXpX%2FHaDurNw3ZEUckeAXFjgfKLQbWsyzd%2BAHirB%2Fkxzinlf8oz53Ag0kMOejpWhrSqsk1lKIxPiFKGIVuH8WwS"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca60c1b9f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18840&min_rtt=17762&rtt_var=855&sent=95&recv=37&lost=0&retrans=0&sent_bytes=89415&recv_bytes=10602&delivery_rate=341345&cwnd=39600&unsent_bytes=0&cid=7fdac26912339378&ts=440&x=1", cfExtPri, cfHdrFlush;dur=3
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/javascript
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 filter.js Show response
hd.lordseriy.christmas/templates/LordFilm/js/ 71 KB
20 KB 163ms
163ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/js/filter.js?v={cache-id}
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b216c6486b54cece2b67e8ea186454221be15379675c0964416af71cb24829b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0r9syPHRCuFyhOd2RCWGNqNvkObdBFdBU4mDRQZo78B4FGbnCpTSTjqR3fZBTgd01q7hIwi28tI2aKzEWBTTa496SmSZ1nLNd0dyv93ll9lx%2FEA2zKH4LlSklvdSLbGNCJuAOs8T32l1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca60c209f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18625&min_rtt=17762&rtt_var=444&sent=257&recv=55&lost=0&retrans=0&sent_bytes=273864&recv_bytes=11403&delivery_rate=3559308&cwnd=114000&unsent_bytes=0&cid=7fdac26912339378&ts=494&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: text/javascript
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 222 KB
76 KB 257ms
126ms Script
application/javascript 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "67655eba-12b7d"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 26 Dec 2024 21:47:10 GMT
access-control-allow-origin: *
content-length: 76669
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 12:10:34 GMT

GET
H3 200 bg.jpg
hd.lordseriy.christmas/templates/LordFilm/images/ 245 KB
245 KB 91ms
91ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/images/bg.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/templates/LordFilm/css/styles.css?v={cache-id}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26964643672f4a385d91af893803917177a49bd62cf45cff608d08b8868645c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/templates/LordFilm/css/styles.css?v={cache-id}

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kM2jAAUTguJ7dfSABmr%2FqnWWHwd5dzgqt4PGBYU5jLgJlypTaD1%2FHpEAu85o%2BWfq8Y1PAoRt0oi0Zz7rcanJUtjhbfPBWyRVXOnyU4xhlO9Ulfwv248L2VfnmoVmCcE1DnzgzcrkWy7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca71da29f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18761&min_rtt=17762&rtt_var=563&sent=380&recv=83&lost=0&retrans=0&sent_bytes=404600&recv_bytes=23543&delivery_rate=4407867&cwnd=123600&unsent_bytes=0&cid=7fdac26912339378&ts=620&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 250585
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/jpeg
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 logo.svg
hd.lordseriy.christmas/templates/LordFilm/images/ 1 KB
1 KB 85ms
85ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/images/logo.svg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/templates/LordFilm/css/styles.css?v={cache-id}
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a96c4dd53ac75387574a966d342e3be1b5abb54059a05ccb3aa8b630856321

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/templates/LordFilm/css/styles.css?v={cache-id}

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FAlkX1tmz0TaS1D0ajM%2F%2BlGgOj%2FZ2uHDyJJ%2FFRZFxQTkdEXirV1d63tBi0UL9c%2FAptNCPXaWegFIwtmTLWZj%2FZzDKR%2BSqsImh5ibGayzAoyg%2BHH02VEU7p76nJkORPDpvTru%2Fp1Ild57"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca72da79f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18761&min_rtt=17762&rtt_var=563&sent=380&recv=83&lost=0&retrans=0&sent_bytes=404600&recv_bytes=23543&delivery_rate=4407867&cwnd=123600&unsent_bytes=0&cid=7fdac26912339378&ts=620&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/svg+xml
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5304403_1733808368.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 92 KB
93 KB 131ms
130ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5304403_1733808368.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae4b39663840ecdbe2c4083ec2051116a84b4273660c58320359c0f2fad4a56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWGs%2F4XlqDH%2BTWCLFUfP0qJA0T6Pd%2FLiNuFZ7f223Ocpx4xLdM9Wzgv4kWEVFKRlkqfb%2BKSUtxnTxtIhOaNmwrn%2BG9pF%2F63HqqH95JNFjlS4vUvuQ3tMnf85%2FI6XQv%2F%2B7j05RTpoZ%2FHA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca73dbf9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18698&min_rtt=17762&rtt_var=789&sent=802&recv=95&lost=0&retrans=0&sent_bytes=901289&recv_bytes=24082&delivery_rate=13471621&cwnd=326400&unsent_bytes=0&cid=7fdac26912339378&ts=680&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 94418
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5360026_1733809796.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 85 KB
86 KB 139ms
137ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5360026_1733809796.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8573f46e6870d78017527b67a6bb07c6555e90dcb8f067745d06784ce3ecc4fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eByUMhw1OqULJv49uNQYJsiYHgocB6I%2BAs%2B%2BF%2FMgXF1geqq63HiMZae%2FCNKd%2F%2FAOSrRHi4Q590tZEJpWoXqctceKuuDkKy%2BBoCoInbcBtN0ux8JWvFzUGfnpKo1TSQ5SmwLz%2FJDEhj7O"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca73dc19f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18637&min_rtt=17762&rtt_var=563&sent=1058&recv=98&lost=0&retrans=0&sent_bytes=1206214&recv_bytes=24218&delivery_rate=13623140&cwnd=326400&unsent_bytes=0&cid=7fdac26912339378&ts=686&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 87444
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4771892_1733839348.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 77 KB
78 KB 133ms
130ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4771892_1733839348.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a8d3a7b303c6aa356f89ef4cb37dbbd6f939dc639630989f3fe3d4d0ceebd1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMjy7JZIQdh%2BlJ6hNGcGpfLUx1PNS%2FWbSR9zwHIo%2BvsL0rR4XbA3254ESSNjU2s00pUx1OzaT%2B6mjuSIrSR8Du9ge9Jv%2BPeqe9sINxNzUta%2FpOs6LAqISgdO8Dq2uh9F40kBFPfevtg2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca73dc59f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18698&min_rtt=17762&rtt_var=789&sent=884&recv=95&lost=0&retrans=0&sent_bytes=998591&recv_bytes=24082&delivery_rate=13471621&cwnd=326400&unsent_bytes=0&cid=7fdac26912339378&ts=682&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 79016
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 727157_1734847581.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 107 KB
108 KB 135ms
131ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/727157_1734847581.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 221e5096795c4a79c701a975be10e9ab5db2f097fd300367e601d51529dd562b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SscVmCxqUVgzJLaWAu6YPmJZ5JT82gi67DeRHgQ9WZ9kFlnbpEEtNs%2FmktgaFhFJrq9OIH5Rb72lCUXXWgqM8uyxRL8NYXfAVotuJaUOwhE4i5mlsVoflXvmxZebqRH8pSzmmbXmRUN4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca73dc79f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18698&min_rtt=17762&rtt_var=789&sent=952&recv=95&lost=0&retrans=0&sent_bytes=1080103&recv_bytes=24082&delivery_rate=13471621&cwnd=326400&unsent_bytes=0&cid=7fdac26912339378&ts=684&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 109698
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/jpeg
last-modified: Sun, 22 Dec 2024 06:06:22 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5401330_1733809776.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 93 KB
94 KB 149ms
145ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5401330_1733809776.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff4c830fb7709a20d5090e51b85edd2f2cfff075f7909776b270fcf795f4eb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uuRhkfvZ%2FErEkL2yABw3zDwGJ7tSLxUepdjoEugswtybb7xVu9VkQ65a8tX%2FWrcCV9nf%2BRX%2FVz7WaToppZmfFgpSRTfxJ2M9kuQupa6wCuraybpo7w7TfPIQtBOeLh69IIJ6542WB2U6"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca73dc89f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18609&min_rtt=17762&rtt_var=477&sent=1094&recv=99&lost=0&retrans=0&sent_bytes=1248089&recv_bytes=24264&delivery_rate=14672163&cwnd=346800&unsent_bytes=0&cid=7fdac26912339378&ts=690&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 95308
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4531254_1733731535.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 94 KB
95 KB 91ms
86ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4531254_1733731535.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9906da98130df81b6da1af0d217bd23615279ec824ab216cc2ce809a4d514e4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CI7RUt7Ag4vqMCpRnf5JhLShE6VFXppsWKPIOkPAOGiMYKIUaVOdqv6eQOo0X0YEeXpbBPpF%2F3btACAx1Z6zGiHbqdu5ukE1f%2F2ZiFDU6eIkQ08Lj5WXuJEHIU5ZqAUXJJMH0wDuLpIC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca74dca9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18742&min_rtt=17762&rtt_var=362&sent=511&recv=85&lost=0&retrans=0&sent_bytes=559545&recv_bytes=23631&delivery_rate=242884&cwnd=133200&unsent_bytes=0&cid=7fdac26912339378&ts=641&x=1", cfExtPri, cfHdrFlush;dur=1
content-length: 96454
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1306640_1711095867.webp
hd.lordseriy.christmas/uploads/posts/2024-03/ 89 KB
90 KB 135ms
130ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-03/1306640_1711095867.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31162a69308b2b73938db0d84b940a5eb6822189852de63c3c815b0a979f532f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnPYM%2Btb9bgzBaoO6FzH%2BqtbMVE9LlSQVxPMi1%2Brw2EpLHvr3falRIGiKy1B9GB0InNyuHD0Z9eBa0QsMAnp2gbiBHk2X46m3R4H9NpZQJYLUFXvN9RaXS%2BYpe6DJ2TrnJLOJWQdDoyi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca74dcb9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18655&min_rtt=17762&rtt_var=702&sent=979&recv=97&lost=0&retrans=0&sent_bytes=1112311&recv_bytes=24173&delivery_rate=12998225&cwnd=326400&unsent_bytes=0&cid=7fdac26912339378&ts=685&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 91086
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:30 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 568082_1733480681.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 96 KB
97 KB 257ms
251ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/568082_1733480681.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd25a586b425c742f647b1a32f6811d99823e0facd8de31f8605fc00dab6825

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBSwnBV%2FyTlnz7A%2FnDUK6bUI3BWoCXuFiVIks%2Frtn7UdCYeZe57hYzPat2NUeQpHpzVIRhLRSSXvF6KTUoQhN6zAKUS4sJCTCg%2FH0W476e4ENwO0w0OdR7U9kgbRRftBYhHriFKbnX01"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75df49f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18918&min_rtt=17762&rtt_var=1304&sent=1547&recv=123&lost=0&retrans=0&sent_bytes=1780372&recv_bytes=31232&delivery_rate=2127&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=805&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 98596
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5119846_1732624229.webp
hd.lordseriy.christmas/uploads/posts/2024-11/ 59 KB
59 KB 107ms
102ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-11/5119846_1732624229.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2982ffa42e293e0c11e7b3a8df6b3606e377e9904081c4cdb309fd5749280839

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLAk6YmDUAT%2BiAm%2Bm77%2FrpkfZ4B8XoKwjhXNnP3y6s%2B%2FCQNOJjsPnEjoHS67lqlmSrsGzytN%2FhWXE2pMXCSNpnxEIIaO5I1WVwibMBUCB3K6dej4l%2BPk6nn570GoQebkXDmoyRuyfAz0"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75df79f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19273&min_rtt=17762&rtt_var=1133&sent=683&recv=87&lost=0&retrans=0&sent_bytes=763366&recv_bytes=23721&delivery_rate=1378413&cwnd=235200&unsent_bytes=0&cid=7fdac26912339378&ts=657&x=1", cfExtPri, cfHdrFlush;dur=1
content-length: 60032
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4552300_1734934813.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 84 KB
84 KB 159ms
154ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4552300_1734934813.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e716815fb10807fb2f84dd112fd317c525de5c1b552cfe667dd4b9d1cdddcd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYun73FLusMs3d96J4rvG5S20zwjOODCuF%2BHX7uffzJHAvzsHOIFTx%2BTm%2FisAs%2Bk1xbm4pMkFxPf%2BrH5iX8Ymv66nziaZakTHFz%2B2CXf4V4L5ZlUE9UkfQmbiqiGtzANjsxdX51pZlHn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75df99f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18854&min_rtt=17762&rtt_var=703&sent=1258&recv=107&lost=0&retrans=0&sent_bytes=1442783&recv_bytes=24627&delivery_rate=13875296&cwnd=489600&unsent_bytes=0&cid=7fdac26912339378&ts=709&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 85821
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/jpeg
last-modified: Mon, 23 Dec 2024 06:20:14 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5270344_1734935621.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 70 KB
71 KB 165ms
160ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5270344_1734935621.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72773439ef31387a6261faff3ee08b3410f624e9992adfdb56c0702b1d73fe3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6%2BwE7L8EoovjfmGWHhsnr7hfZeUsGXSEydAiMNNQWOWHzcDoQ6G2e%2BXA0%2Bry0SubKoFEf5rGG1wlGB9nfDccit57ipNd4f6RqpGKPVX1MnVIjjIzTQqw%2FtHu2UJA8%2BQCYRmVVcLb%2FhO"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75dfb9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18894&min_rtt=17762&rtt_var=606&sent=1480&recv=108&lost=0&retrans=0&sent_bytes=1706248&recv_bytes=24674&delivery_rate=15006588&cwnd=489600&unsent_bytes=0&cid=7fdac26912339378&ts=715&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 71525
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/jpeg
last-modified: Mon, 23 Dec 2024 06:33:42 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H/1.1 200
OK cef3c20b8394f3ec7b6c68aa44690ecc.jpg
www.vokrug.tv/pic/product/c/e/f/3/ 22 KB
22 KB 174ms
59ms Image
image/jpeg 80.66.90.75
SELECTEL-MSK JSC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vokrug.tv/pic/product/c/e/f/3/cef3c20b8394f3ec7b6c68aa44690ecc.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.66.90.75 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: e637494e34528d4f086e7cf84ef490d65f4dd075c8b83bcc53611898c63cde08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=2592000
ETag: "675a757d-58a3"
Connection: keep-alive
Expires: Sat, 25 Jan 2025 20:47:10 GMT
Accept-Ranges: bytes
Content-Length: 22691
Date: Thu, 26 Dec 2024 20:47:10 GMT
Content-Type: image/jpeg
Last-Modified: Thu, 12 Dec 2024 05:32:45 GMT
Server: nginx

GET
H3 200 5438351_1727516368.webp
hd.lordseriy.christmas/uploads/posts/2024-09/ 59 KB
60 KB 162ms
157ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-09/5438351_1727516368.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfebc59b947518831738d45d89d06299fda8433a1d0a4387882df0ee42676d59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUNj%2Bs8e0hT9rdlgP7rI5og%2BSpBDFrggohpvkkESHiDKEkEhJEOwmZ68bmqrp44jst9kG7UF7iQLrvqm%2F4%2BOyhvCnzAnlRpDRShtxP04maPFVzt8%2Bk1FAKiG50stCDGZBljjMRLIozDu"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75dfc9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18854&min_rtt=17762&rtt_var=703&sent=1378&recv=107&lost=0&retrans=0&sent_bytes=1586783&recv_bytes=24627&delivery_rate=13875296&cwnd=489600&unsent_bytes=0&cid=7fdac26912339378&ts=709&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 60308
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:32 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H/1.1 200
OK 9c766dda3307ea11b9465b89650e9194.jpg
www.vokrug.tv/pic/product/9/c/7/6/ 17 KB
18 KB 172ms
59ms Image
image/jpeg 80.66.90.75
SELECTEL-MSK JSC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vokrug.tv/pic/product/9/c/7/6/9c766dda3307ea11b9465b89650e9194.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.66.90.75 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: a66f6f3302156b53ab658b1bffe3a331f4fce7ff25449208188cefbbaea54cff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=2592000
ETag: "671e6e82-4566"
Connection: keep-alive
Expires: Sat, 25 Jan 2025 20:47:10 GMT
Accept-Ranges: bytes
Content-Length: 17766
Date: Thu, 26 Dec 2024 20:47:10 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 27 Oct 2024 16:46:58 GMT
Server: nginx

GET
H3 200 5075873_1732715006.webp
hd.lordseriy.christmas/uploads/posts/2024-11/ 75 KB
76 KB 157ms
152ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-11/5075873_1732715006.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3ca555649d677537dcfd5b315b6ec00f197fb0fe8d93f7c0e1507975e41809

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWq0w8N62DC08Bm%2Fvn5zZuJ8%2BnYdZ0WuvgXjDRt2a1yUABM0HnuafYWLtBMMJX%2FyuqTN42FUKwEJQYgwRWl2mhlajsiGPwdnHFXrAGYD4dFgktkYQTL5heMfluc11MoxXT8si63BtktG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca75dfd9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19005&min_rtt=17762&rtt_var=788&sent=1218&recv=105&lost=0&retrans=0&sent_bytes=1394783&recv_bytes=24535&delivery_rate=12848668&cwnd=489600&unsent_bytes=0&cid=7fdac26912339378&ts=708&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 77266
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5319850_1733564588.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 86 KB
87 KB 883ms
878ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5319850_1733564588.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cffc011b294fae437a7ae378d2151a37679f8cd669783be5e8bd2f6f7969aab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SS4UYyAghTwxZpXBQ9txR2QT%2B0Z9k52cGBUfrYOaG8Ci3M%2FXl7vm4p4MIZqxLtEynJB8%2FbSKs4TaAnMzUJb1yC3T%2FvhFcSPg6YsvbEvmkQuzKHiMdJREea5WvKfu3V1%2FSlXA6JKk2V98"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e2d9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19707&min_rtt=17762&rtt_var=491&sent=1749&recv=140&lost=0&retrans=0&sent_bytes=2020905&recv_bytes=32398&delivery_rate=258934&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1435&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 88144
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5305583_1733499394.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 63 KB
64 KB 335ms
330ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5305583_1733499394.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462b107a23105f2608c75b5e4e6e882c1e13436eeac18df326629d3b68767a82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nv0aguLiZKhtB7gQu%2Fxxhuy4%2F7cda5OnuGboO7MkXjIqbuXWj3CTL%2FSOFLZoaspD08Kx0b8t7Sq37RXEoEMRTHQyIXc9XglFnD30WkFRZdOXrpaheFx0IRkvXuNfRxQvuYnkLmbF7dJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e349f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19979&min_rtt=17762&rtt_var=1334&sent=1632&recv=129&lost=0&retrans=0&sent_bytes=1881928&recv_bytes=31498&delivery_rate=1627635&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=886&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 64926
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5941092_1733564373.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 68 KB
69 KB 857ms
853ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5941092_1733564373.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd714df5d7333e18aff0910d25b5c0ba6a6775a4a51a0cb05c9488654919dc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1%2B4iGQqxeeNkTHaGnvIg%2Bf5D8YuLt%2B8hX3311ZX8t3lilwk9omWSpHOPYq4QZWei%2F7T12Qb%2Fmay1L6j60Uj2xVLDvv8I6x7SDAtrLah4nADQ1JI1bTWtWhmLnpnrIplCFI71%2FpyEKEl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e369f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19598&min_rtt=17762&rtt_var=652&sent=1689&recv=135&lost=0&retrans=0&sent_bytes=1949054&recv_bytes=32178&delivery_rate=3676201&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1409&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 69564
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4867443_1733564415.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 72 KB
73 KB 95ms
91ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4867443_1733564415.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d581c099566357c9246cc90a7a9779ed970c9ee70aaeecfe63edf8eaa2510e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sn3YguionU9V4FiNwYeICKkX%2Fko8KXSIaYXLoz%2FAJLWCCIqZ3CFGdR53dmUk0xHDPMFN%2FjAFoxr9Mj%2BHcyqoZlJA4Zzdh%2FMMHgh1%2FoUWmMfpcRL6LkKF14oDeVJmb5bFQM572cvQyUip"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca74dcc9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18742&min_rtt=17762&rtt_var=362&sent=494&recv=85&lost=0&retrans=0&sent_bytes=540166&recv_bytes=23631&delivery_rate=242884&cwnd=133200&unsent_bytes=0&cid=7fdac26912339378&ts=640&x=1", cfExtPri, cfHdrFlush;dur=7
content-length: 74232
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4360157_1733499275.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 63 KB
64 KB 898ms
894ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4360157_1733499275.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e6bd065b74c14ba3dd35466bab123e22428d5e3abe21360eba38103ff5ca669

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jw8mRohxEPB7SS%2Fc1HAE0WzCWntv7p2rTOQio1jVJA7I%2BYa0oWvF03JLBUDe1Fy0l6RpLkDW4fTwMk6w29Rtq9fU9QnvX%2B9Zk%2FiXKshD2Vio6Oc5DvCoVFeqKe1RpLTukwIEPjJwZk9o"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e3a9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19707&min_rtt=17762&rtt_var=491&sent=1825&recv=140&lost=0&retrans=0&sent_bytes=2111764&recv_bytes=32398&delivery_rate=258934&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1450&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 64980
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5388439_1733480160.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 74 KB
75 KB 902ms
898ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5388439_1733480160.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52fbd86060452e9d203e00d606c14c8740ad44a494cc73683690e17c0eda8a08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyfXxhjzEsDggBdFGQ5a1jsMBmmMQTsP7zB9yua2uyH%2ByGYkv7EQCvvIYlJ1Nx2XhAL6uBi3j0b4Ax8jMa1dyYpVOMlwZeJ%2F42Ddo3siPV485e8r1C8YDSsEEfl%2FbsoK6ya2vNaLtv0P"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e3c9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19379&min_rtt=17762&rtt_var=398&sent=1881&recv=145&lost=0&retrans=0&sent_bytes=2178914&recv_bytes=32623&delivery_rate=302060&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1455&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 76192
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5515324_1733638379.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 81 KB
81 KB 1019ms
1015ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5515324_1733638379.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e0686e3dc4ac5de38f9e28f004c2e61293f4c72c4a6c155cfcf199ffd39b0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bavfXMhq%2BuIESZBOBKBH77GC98Q9vYVxf5y6qccox0DiBi89wHMzrV%2FDZ6eeUlzYrixvDwDHjQxx9RK9F2ggJQnqpP0QVYI45PYcjquVqCxlDZRG66SWSvLr6OQDRmd6gq4x1gDjwvBQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e3d9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19705&min_rtt=17762&rtt_var=1127&sent=2022&recv=155&lost=0&retrans=0&sent_bytes=2344991&recv_bytes=33081&delivery_rate=976&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1572&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 82660
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H2 200 orig
avatars.mds.yandex.net/get-kinopoisk-image/4483445/41b0dacd-cca7-484b-9032-0edee91d68a8/ 618 KB
619 KB 343ms
219ms Image
image/webp 2a02:6b8::184
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-kinopoisk-image/4483445/41b0dacd-cca7-484b-9032-0edee91d68a8/orig
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 636802e86fdebbd4c8d2372ed0637e601045e7b40c04f57eb391761b1f1b0d12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-request-id: bd30c2b3e71d35d5
cache-control: max-age=604800,immutable
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
access-control-allow-credentials: true
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
access-control-allow-origin: *
content-length: 632772
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Tue, 12 Nov 2024 11:50:55 GMT
server: nginx

GET
H3 200 5019944_1733810528.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 83 KB
83 KB 904ms
901ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5019944_1733810528.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e9d30bd2b31fd3885980ddc7ce6fc2ec1f747d7bc3b36e02992d132f8f8ad0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgCtpny9egto9Y%2FkTCjjDNyUez0hn16HemFxkV0bdiJuelo1V4HqFjUIwmw%2B%2Feun%2FE3pz9ov2P2Ud9NQzgsNOn5v7%2BxAs6pNsFL0Rg25z7DLk33glDkZa4zkVKZdiyJqtLm4m86jQAxZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e3e9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19379&min_rtt=17762&rtt_var=398&sent=1947&recv=145&lost=0&retrans=0&sent_bytes=2257544&recv_bytes=32623&delivery_rate=302060&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1458&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 84764
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4456536_1733565529.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 73 KB
74 KB 1312ms
1308ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4456536_1733565529.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23446889b79196ed8d14de97b57659cd16246b93dbd9bd0b6b60836b62719dd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fpq5o97lwyB0hU9HGoYwiMb%2B9tFRmu9QJpQgYPM6LzuN1DXfftA6QC5ls9%2BtEx4y5cEonhbh4HfougsIU1VuKlpwiqx%2BJpdVO7xG4IgwEh7rg4IUPRoRZeicO33Byp1CO1QPd9liUPzM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e409f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19242&min_rtt=17762&rtt_var=521&sent=2280&recv=178&lost=0&retrans=0&sent_bytes=2648348&recv_bytes=34118&delivery_rate=2885221&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1865&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 74784
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 6219173_1733151481.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 82 KB
83 KB 1173ms
1169ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/6219173_1733151481.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e706ef4a401d18c2d79f9b0c0ee7fc4e8746de089f5ee08f897090e8d84ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOfmMKuR%2Bjppm1nRo%2BZCwjVmI6bwrp0woN6YdINfN3kgPP6tqgeLqDYrL1dxG8FV44LASVYCrf%2FmtuLuSLZK0wKwMN3fUCTmBcqBZJL%2Bu8jeMfhE2pGTV3GvqeUTxPnYU%2Bz%2BGCkGi8z7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e429f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19347&min_rtt=17762&rtt_var=236&sent=2160&recv=167&lost=0&retrans=0&sent_bytes=2507390&recv_bytes=33616&delivery_rate=945016&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1726&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 84000
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5374681_1734533100.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 111 KB
111 KB 1372ms
1369ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5374681_1734533100.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0ad30560e4c9eaf2bcc11c571b22d0d85a1b13b6ee2ee2dbb1f3ee7282753c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMdqd757oTpnlHECNJ1aZxY8vlgtN3Avib4xtfi%2Bo9uU7idU3u%2BEYbeDRN5wVxEek2ongv3YoEUODL%2F6w%2F6lDUmNjew2HXqMStJ%2Fgu1bzdkRq2AVi8IT6Z4oebJQFQftsVigi4FOTgj2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e439f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19195&min_rtt=17762&rtt_var=485&sent=2345&recv=179&lost=0&retrans=0&sent_bytes=2725545&recv_bytes=34164&delivery_rate=857795&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1926&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 113355
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 14:45:01 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1245667_1734533698.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 51 KB
52 KB 1221ms
1217ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1245667_1734533698.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a174dd347807975b4fb8c4ad873ee3a75ed3b99cfe15e02f37dd567d8dd1d75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIMhAqQAF5o%2BptO5duPUjbNOvjjqAalouqyF26R5cScX8d%2BL9o0S7R65aBAYtkPq%2B4EhT0Qf8D9MGt4vX0d3QWroQ0ZQfRSBqThLLhE7EmE8QJurEZoV%2BNrmh4OkXW3nKnIF50CcgFv4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e449f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19130&min_rtt=17762&rtt_var=187&sent=2233&recv=173&lost=0&retrans=0&sent_bytes=2594032&recv_bytes=33887&delivery_rate=4754668&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1773&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 52398
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/jpeg
last-modified: Wed, 18 Dec 2024 14:54:59 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5453359_1734613179.jpg
hd.lordseriy.christmas/uploads/posts/2024-12/ 50 KB
51 KB 1833ms
1830ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5453359_1734613179.jpg
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8e30aa07ec7666d6627c36d9e7de3bf6ac47d980c0b7df1b33b8327656c502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPwaBZhWpFLsz387ttDE5W0QH9P4mm13lXogpuAV4ZRaUyJTv0KeWK5DvuGv6tR2pz7wcBCKDNfRDNz6cJ11l6MD1m40aBlSVeErukH6tgtFLcZalHXJePecsYQs98Y5eFqc8UJd5gey"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e459f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19250&min_rtt=17762&rtt_var=367&sent=2443&recv=184&lost=0&retrans=0&sent_bytes=2842207&recv_bytes=34390&delivery_rate=6321395&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2387&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 51688
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/jpeg
last-modified: Thu, 19 Dec 2024 12:59:39 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4491006_1733564268.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 73 KB
74 KB 1147ms
1143ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4491006_1733564268.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14260743f30cb3820d3da47bcb4be3c6239ddae5132e54fe4a67fc324a2fb5b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fb6mNDmDhJ9IzvwNgDxc6%2FUxq6wPXxSiqAEmdLO7WyhekFkmykBqc%2BPVEGVHmnQLJ8tBb39YV8L%2BGUhpazUFwWl1ucoQcw9tlloRDWw8LtHdK8hMsXSf25SW0GeJZlnbRhUD0FdyPTs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca78e469f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19416&min_rtt=17762&rtt_var=583&sent=2095&recv=161&lost=0&retrans=0&sent_bytes=2430284&recv_bytes=33350&delivery_rate=4481733&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=1700&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 74692
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5430480_1733499648.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 102 KB
103 KB 1964ms
1961ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5430480_1733499648.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6134f2db27eee735c0883fd6476c4dd7d7331019755f2beedbbbc32802c03f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJNPqE16QXf4dTTO6KTrCjYwnA10gsGKniMK%2BBpCkUPbOiZEcHbxzLK6W027KoDioSnduewsz1nSqr%2FTiV0vLgLhgccJc%2BCk4kf93TUojAOfobs5qKhGJ%2FqawWim6%2BqA0c6PbYYDxKwh"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f6e9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=17762&rtt_var=799&sent=2568&recv=191&lost=0&retrans=0&sent_bytes=2990291&recv_bytes=34711&delivery_rate=6878885&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2518&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 104666
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5458390_1733810503.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 54 KB
54 KB 2734ms
2731ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5458390_1733810503.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0a4bc227c7ccada09a23cd6f504e48fa58c706830c0112717939ef9d33b246

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55BkPedQAWkx%2BHi6jJThaDhM8uJigXa1PWBBaODUCGPbU7WpzSw3P0e3CKyNDUh0cmlrF50SX%2Fzdk%2BZ%2BWT6T2T9KTDteJadQsuMFtxgWSfmx43fLC0c4uJi4cjKfiM4VMQ7M84z9TuK3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f6f9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19019&min_rtt=17651&rtt_var=535&sent=3262&recv=231&lost=0&retrans=0&sent_bytes=3813847&recv_bytes=36516&delivery_rate=3924927&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3288&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 55068
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1245958_1733638083.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 73 KB
74 KB 1968ms
1965ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1245958_1733638083.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b910bbbb27700d674b937a0989eb02cefdd26bea58dd4796a0382320f44952d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttqz6XLSZJBOa%2FeS54oHjXk7VD9VIv0P6N4W2euB2ktO858yC00u5%2BcXrEqmF0WMC1wo3MBEXA47t5L5zbyJUEH831G4ChELt3JIb%2F%2B5pYwG%2F3uUZQMxlOoH3bSCMpW6f86tXGN9cmxQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f719f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=17762&rtt_var=799&sent=2669&recv=191&lost=0&retrans=0&sent_bytes=3110926&recv_bytes=34711&delivery_rate=6878885&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2521&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 74744
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 924229_1733578291.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 99 KB
99 KB 2229ms
2226ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/924229_1733578291.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c0a1924323d5b71b7a9e450d9eda05b0b0bd677587493604ba2689398bb8a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrhVJVZfM96Kmxs1U6xUGjd1ZhTvIIwdKjb84Sb%2BlM7NN5wQvmNclLDZmuqdxm6chXjL5ao09SzpcJsYN9uGuebc1FXIfIkpLCwgIOIJ%2BO0F5Ab576ObU2zIUmqeAsIv2mzW4I0HR47Y"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f739f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19589&min_rtt=17762&rtt_var=681&sent=3113&recv=222&lost=0&retrans=0&sent_bytes=3636617&recv_bytes=36112&delivery_rate=2380066&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2784&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 101002
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H2 200 orig
avatars.mds.yandex.net/get-kinopoisk-image/4716873/18fa1237-8578-4e98-84c9-be413245fffb/ 271 KB
272 KB 235ms
114ms Image
image/webp 2a02:6b8::184
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-kinopoisk-image/4716873/18fa1237-8578-4e98-84c9-be413245fffb/orig
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: ddd50583ae386c6ff0a7f52b5a590ea3f53702cffc181128f35ecdf5050af4f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-request-id: 95d9da1240695e08
cache-control: max-age=604800,immutable
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
access-control-allow-credentials: true
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
access-control-allow-origin: *
content-length: 277992
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/webp
last-modified: Wed, 25 Dec 2024 05:28:34 GMT
server: nginx

GET
H3 200 927722_1733809949.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 69 KB
70 KB 2324ms
2322ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/927722_1733809949.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc4fe635252c2c68ab4ef4e00356db4f31403c3d3659333421114163ae288e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkPDrT9P1UVoC%2FXNn9FWjtcSywmh4db%2FDAPVFbysVBHW0RDhgg40HF1Ieg%2FYpuljvib9QMpT1ZQn26nhzjiwXvdinW7KaS2zRyxk%2B5kewaD7VsBoWNGToKdvHIW6seSi2jvmMEkQhC9w"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f749f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19012&min_rtt=17651&rtt_var=921&sent=3201&recv=228&lost=0&retrans=0&sent_bytes=3740662&recv_bytes=36380&delivery_rate=4100386&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2879&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 70878
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 491522_1733916590.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 66 KB
67 KB 2171ms
2169ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/491522_1733916590.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69c73ae1002b0eb6463207cfa791e4e5425b95280b71e42232251de26e85df49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGJ%2BEVF%2B0de3kGq2amEobg0ZlJfrsbIabOEaER0%2BfPAkd59zTCTHrU6bKme5K6qqXmW%2B36GK5VA7HgLsh8jBM3m8Ov1RQEbwI%2BF3%2Bp0%2FbjrvE0kVU%2F57YAukr%2FUS3vFLEFBfnI6YdLCi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f759f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19461&min_rtt=17762&rtt_var=643&sent=2993&recv=216&lost=0&retrans=0&sent_bytes=3495169&recv_bytes=35841&delivery_rate=3918806&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2726&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 67794
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 2001315_1733917302.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 80 KB
81 KB 2147ms
2144ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/2001315_1733917302.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568c5fa6fe3fdf7eaa7df4d8e546eaec35e843774dd53e63f4ed551a48247b88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh%2FWpzqDSK4PeMLgI8Kl7MPgDIL4Ky3LekCak8uUzM0k7vLEQfmohoxgrKMV89eHU8aTmKcu4lW6QanzC4YgFLh2renyfoa25d3yxDIu72kmhiUlNQY5jMzZ5KWA%2BBKYS%2BT4nHijx0rt"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f769f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19225&min_rtt=17762&rtt_var=500&sent=2922&recv=210&lost=0&retrans=0&sent_bytes=3410293&recv_bytes=35571&delivery_rate=2823294&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2701&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 82294
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 6224621_1733908381.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 81 KB
82 KB 2007ms
2004ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/6224621_1733908381.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e6afa88d53e690e0490409be3b9a9d3c71f3478d334e4102455bb9de8af38f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVJNfq5zsp7%2FvEDH1MQafqjVb79BHGxxAY%2B0jCCkOSP63Fd5GOg1ThbWR%2FgtYwEq34eMVOYWJvZ37Q7m3ncZnWvP2hyKPjBVOFA0j2SfLsZPDF42IA2I86IbexnCLLba85%2BDLCf4tEK%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f779f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19193&min_rtt=17762&rtt_var=741&sent=2784&recv=200&lost=0&retrans=0&sent_bytes=3246884&recv_bytes=35117&delivery_rate=3262619&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2561&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 82972
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1117685_1733842422.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 67 KB
68 KB 2195ms
2192ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1117685_1733842422.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3fecb90e374236b529c6c74f813de68f5cb5d255cc343825e8ff53f0ae14021

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ql0emhYQmTNrndclk1i0UT2sk0dhPXTkwWx7NeAp%2BXFGi9ONV8DHkf0X7nGDzjkhX3o4e43HekfgVNxa%2BXygGNXLRip83G6E4B4v%2F8DFwv1CGDTlUGTwMotvJ4n5XnKFuIfQcuNZ2pDM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f799f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19488&min_rtt=17762&rtt_var=639&sent=3053&recv=221&lost=0&retrans=0&sent_bytes=3565252&recv_bytes=36067&delivery_rate=2447257&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2750&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 69086
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 610422_1733578263.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 74 KB
74 KB 2035ms
2033ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/610422_1733578263.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197e5ea552ab9934e995189eb90a28971d51d876c1fabf392f193576fe9bcc53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4KAWslIW3InWa%2FhazHSCBcxDkG%2FzcFktBmppQhXF0lfQ1ob36wG07HsWuvSM71ijuj2X%2FsQM793r78dJlhSNwh8KlriiMSE7mtDthEP0GzLN8V%2F2PcjtcW3scx1FIl8Zjxas52apnH%2BQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca86f7a9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18991&min_rtt=17762&rtt_var=540&sent=2857&recv=206&lost=0&retrans=0&sent_bytes=3332504&recv_bytes=35393&delivery_rate=6462837&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2591&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 75368
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5106881_1733499720.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 60 KB
60 KB 2887ms
2885ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5106881_1733499720.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01f2aa3dc6b1429c0e4be0a5f9be0730e97ba7dafd531963d14852a9078f5fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=quCbVuLI8c9KZRgzVdmpx%2B7W5ZyG4a2iCU365Gi%2B8ONZxTz%2ByiEIyq9vwrNmJMA%2B2ySeQVVPszg0q5M1KAOtSHL3ysWzsZ1uMAHAG3ijoAsvHQ5a8aQtahBBerRGOo37iIULo9Vz%2FgQC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca88f909f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18900&min_rtt=17651&rtt_var=233&sent=3427&recv=248&lost=0&retrans=0&sent_bytes=4008926&recv_bytes=37284&delivery_rate=7546287&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3442&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 60956
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1162885_1733579604.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 64 KB
65 KB 2828ms
2826ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1162885_1733579604.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f979c5e0786d55553569eaa11381d8a4031e21eed64af60bfba70fd855c935

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wspQ2YBvoYRFVaaes1nr96Btys2A%2FnNnzOwgOD8B%2BXBfmxIKBsUARf4A77OaF3xhXFG%2F9I6pNpOvzxsuMckgCCqeHHNaMr%2F6A7uEfk7FuLLDUhg7LnbykiFgxnTui748waMdYr9kKeZ0"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca88f919f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18925&min_rtt=17651&rtt_var=238&sent=3311&recv=236&lost=0&retrans=0&sent_bytes=3870901&recv_bytes=36747&delivery_rate=3147130&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3383&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 65616
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1392743_1733480419.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 78 KB
79 KB 2892ms
2890ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1392743_1733480419.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5da36073140c816a2248e6bd5bea5f8ae669fc5ffe1f6bf90cc22d4f69c7b0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6foeDVqPmnvsb8p0d9fbYTPLEV1Rwv5L7SyR9HIyxsd%2BPrwXYw%2BfuYyY4HYeqEs%2BDuzQ1pOFxTxh53OmkdxIMJKPQLBjOfB8HsWW7XhQuQ6yHjzkeqLq1EpP4Ze3Dvhv%2F56RTDoT2F9"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca88f929f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18900&min_rtt=17651&rtt_var=233&sent=3480&recv=248&lost=0&retrans=0&sent_bytes=4071971&recv_bytes=37284&delivery_rate=7546287&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3446&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 79942
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4456370_1733917066.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 79 KB
80 KB 2893ms
2891ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4456370_1733917066.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c82ce50da97302e1e7bb57a58f6334383c5c35f346369dc390635ae5b36664a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GH8tswO1zMzcFEWcEq4F4Iheu0hWVJbiU1n16XQJ0CjYMpjDf3LO9qX1uXbQYYdog5F5mPbHyLkwqcVeAjElF9meK1SIWCf1Ryamr6xFWt%2FmPDbIuEZesSVlAkBkBfqlP%2B4VoHfXiKiK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca88f939f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18900&min_rtt=17651&rtt_var=233&sent=3549&recv=248&lost=0&retrans=0&sent_bytes=4154439&recv_bytes=37284&delivery_rate=7546287&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3448&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 80916
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 1405773_1733931269.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 66 KB
67 KB 2840ms
2838ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/1405773_1733931269.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b633f574ba3808c50e98ec47c7b766171f93371a31f171212ece807163513d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYfBLkh1MI9hWIPYG5X4zZ2HYRSgxOU19YqaZN6gDh2Xr0n%2FTznVyTlpuVAeouiSInOSUpen2UkMF11c8qgxaGcG3C9CnAlMA%2BcL1QJXdP7t%2BfgxWUsydID1d1tZORe8lIK6tx%2BuYAom"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca88f959f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18925&min_rtt=17651&rtt_var=238&sent=3368&recv=236&lost=0&retrans=0&sent_bytes=3938715&recv_bytes=36747&delivery_rate=3147130&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3396&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 67958
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 4994559_1733931204.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 91 KB
91 KB 1961ms
1959ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4994559_1733931204.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f35c48dfc83c0c4b52f5d9d6b6ea275bd84ed241a6ab366fff869204520f338

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=koLYOZGVhRpiUOk6mJIWxe5%2Bc%2F%2BFX1N%2B5zaC1QuZUfAVFK31hC%2BoC6AKinlHFlPdb07ZRWibgSJV4FDTppQILqoLEaWDhsMUnyTZBXoHu5euppewsa9LagCHAZyRAANL0xU7AlahCA5g"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca84f3f9f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19443&min_rtt=17762&rtt_var=799&sent=2548&recv=191&lost=0&retrans=0&sent_bytes=2966291&recv_bytes=34711&delivery_rate=6878885&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2517&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 92820
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H3 200 5456445_1733908439.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 67 KB
67 KB 1833ms
1831ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/5456445_1733908439.webp
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f29336bc6d6025c25a2f442e645b04684b354307ad8e9c8b58d16c97f5c7fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DonoLM%2FgeoPs8n1DmijtMfJ1Zmum%2F%2BpktF5suRE0kAJ3khoqNrNw7QbopFIrXSjj2OYMqsTTVsgRS0mn%2FTZR5QA3DfrMpsK72i11ldycN%2B5APOK0itR7haqUfechp5bjzrPWm8iAV7lr"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83eca84f419f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19250&min_rtt=17762&rtt_var=367&sent=2488&recv=184&lost=0&retrans=0&sent_bytes=2895755&recv_bytes=34390&delivery_rate=6321395&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=2388&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 68250
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:36 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10606.6ZHs54mTonVueA3dVGnr5hVTjoCcCLtJF7hdfoCrIL0iapSSFGxD69vAcBe0YBcZ.UcOS2FTiR-r4oH3xhVDoln_cdOs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10606.S6W7jkxHzWC_n80VjusTeckBgPCXZBdGsOWwI6FpDGYZWD1-rps2clseBSHHevhEh4Jl6zOEZy2nhNyaDVakP-4f0QGs_UaZ8U0Wod-x1gTWLUIR6gNXDsNXiNN8l0R6BMYzRIBtiv...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10606.nIuuxSBcMBAXqpgg7UzQuSd_KO3n5yM6ZHt2XpFDBt7POKht0Fc-x-qKrvWOs9VeT9vrcm4uNL3LMyy9T-5DutXMd7MraztOWD0GsLQ-6-NGT...

43 B
584 B

70ms
70ms

Image
image/gif

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10606.nIuuxSBcMBAXqpgg7UzQuSd_KO3n5yM6ZHt2XpFDBt7POKht0Fc-x-qKrvWOs9VeT9vrcm4uNL3LMyy9T-5DutXMd7MraztOWD0GsLQ-6-NGT-R5CyWWjdbnUIgRO0_CtAy7cWT7mBYNazr4n_ZSxcKJ3a5cpbkV5hrkdJ94wtCTSie7uVU9d_NkiqYf20Y11WQ1AiBTYLqon2z6pr3fUQ%2C%2C.qwvXTUsk1ngVqMXS1sT15-X6ZO0%2C

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10606.nIuuxSBcMBAXqpgg7UzQuSd_KO3n5yM6ZHt2XpFDBt7POKht0Fc-x-qKrvWOs9VeT9vrcm4uNL3LMyy9T-5DutXMd7MraztOWD0GsLQ-6-NGT-R5CyWWjdbnUIgRO0_CtAy7cWT7mBYNazr4n_ZSxcKJ3a5cpbkV5hrkdJ94wtCTSie7uVU9d_NkiqYf20Y11WQ1AiBTYLqon2z6pr3fUQ%2C%2C.qwvXTUsk1ngVqMXS1sT15-X6ZO0%2C
date: Thu, 26 Dec 2024 20:47:10 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
571 B 109ms
109ms Image
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "67655eba-2b"
expires: Thu, 26 Dec 2024 21:47:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
last-modified: Fri, 20 Dec 2024 12:10:34 GMT
content-type: image/gif

GET
H2 200 cds.html
cdn.adlook.me/u/ Frame 8465 0
0 146ms
48ms Document
text/html 2a11:27c0:10::182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/u/cds.html
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0:10::182 , Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache: HIT
content-length: 1439
content-type: text/html
date: Thu, 26 Dec 2024 20:47:10 GMT
etag: "207a2dfe136cd61:0"
last-modified: Thu, 06 Aug 2020 17:06:57 GMT
server: nginx
x-cached-since: 2024-12-26T20:38:47+00:00
x-node: k12-up-gc14
x-powered-by: ASP.NET

GET
H2 200 rlf.css
cdn.adlook.me/css/ 5 KB
1 KB 55ms
54ms Stylesheet
text/css 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/css/rlf.css?1.6
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: bc6a7fa3d87f2303f1441693e8bdeb935c537fb5f952373314303b9aa22fabfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "808ef3a9832db1:0"
accept-ranges: bytes
content-length: 1183
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/css
last-modified: Fri, 08 Nov 2024 18:04:33 GMT
server: nginx
x-cached-since: 2024-12-26T20:43:06+00:00
vary: Accept-Encoding

GET
H2 200 vast Show response
ads.adlook.me/ 135 KB
136 KB 291ms
160ms XHR
application/json 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adlook.me/vast?id=25206&w=1600&h=900&mult=1&rw=0&ref=&loc=https%3A%2F%2Fhd.lordseriy.christmas%2F&top=&pt=inread&_ts=1735246030356
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 28cd520f20cc5e844bb66349b23f0f1b311df6b2e851c043959ba9508f17028e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 138681
date: Thu, 26 Dec 2024 20:47:09 GMT
content-type: application/json
server: Microsoft-IIS/10.0
access-control-allow-credentials: true

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame E3E2 0
0 180ms
62ms Document
text/html 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 2080
content-type: text/html
date: Thu, 26 Dec 2024 20:47:10 GMT
etag: "67655eba-820"
expires: Thu, 26 Dec 2024 21:47:10 GMT
last-modified: Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 cx32.png
cdn.adlook.me/i/ 1 KB
1 KB 54ms
54ms Image
image/png 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adlook.me/i/cx32.png
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/css/rlf.css?1.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 4b6546145e061f52789243425d5c7f6539154338c487b1b6f86cf60c5ff84ebe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.adlook.me/css/rlf.css?1.6

Response headers

x-node: m9p-up-gc30
cache: HIT
etag: "30203eb7e731db1:0"
accept-ranges: bytes
content-length: 1345
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/png
last-modified: Fri, 08 Nov 2024 14:08:41 GMT
server: nginx
x-cached-since: 2024-12-26T20:45:25+00:00
x-powered-by: ASP.NET

GET
H2

200

1 Show response
mc.yandex.com/watch/99270249/
Redirect Chain

https://mc.yandex.com/watch/99270249?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/99270249/1?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3A...

603 B
1001 B

68ms
67ms

Fetch
application/json

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/99270249/1?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A794929952921%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246030%3Ac%3A1%3Arn%3A189954214%3Arqn%3A1%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A630%3Awv%3A2%3Ads%3A36%2C26%2C305%2C18%2C0%2C0%2C%2C171%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031%3At%3A%D0%9B%D0%BE%D1%80%D0%B4%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20-%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

d82a51bd2514abfcb1aa576765133e3c9e68c8f98f2f1b9ab6a904c6809acb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 26-Dec-2024 20:47:10 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 603
date: Thu, 26 Dec 2024 20:47:10 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Thu, 26-Dec-2024 20:47:10 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/99270249/1?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A794929952921%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246030%3Ac%3A1%3Arn%3A189954214%3Arqn%3A1%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A630%3Awv%3A2%3Ads%3A36%2C26%2C305%2C18%2C0%2C0%2C%2C171%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031%3At%3A%D0%9B%D0%BE%D1%80%D0%B4%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20-%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:10 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:10 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 26-Dec-2024 20:47:10 GMT

GET
H3 200 favicon.svg
hd.lordseriy.christmas/templates/LordFilm/images/ 1 KB
1 KB 2394ms
2394ms Other
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hd.lordseriy.christmas/templates/LordFilm/images/favicon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a96c4dd53ac75387574a966d342e3be1b5abb54059a05ccb3aa8b630856321

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY8Zth0kno5YCUPo7qxPz1axFtu%2BgHi59ESC1dNTsIHpLCCyXzgrEl%2FkcgYAMf%2B%2BSaOu0GlyS2hO4f0FnV%2BLPOa7aNiC5%2FHLdGP%2F%2FiNHLcZhTdhrxhyoaTQOQL%2BmK42C%2Fxf2rJi8irr2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecab29fa9f36-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19134&min_rtt=17651&rtt_var=739&sent=3620&recv=258&lost=0&retrans=0&sent_bytes=4237927&recv_bytes=37740&delivery_rate=12607900&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=3571&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/svg+xml
last-modified: Sun, 15 Dec 2024 05:42:34 GMT
vary: Accept-Encoding
priority: u=1,i

GET
H2 204 / Show response
ssp.hybrid.ai/ 0
215 B 59ms
20ms XHR
text/plain 37.230.131.76
HYBRID-Poland HYB...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hybrid.ai/?jDvBWM8+tGxE98AzTRg6TWlynxGc/QUGQ3cR/sm2S+PxBMPhE9FLOTsOCLKLwKKCHgHaXaD8PVYebgrBUffyX2Mm7oljqWJAoc4AbcM9BMY=&page=hd.lordseriy.christmas
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.230.131.76 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),
Reverse DNS
Software: Hybrid Web Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: https://hd.lordseriy.christmas
p3p: CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
date: Thu, 26 Dec 2024 20:47:10 GMT
vary: Origin
server: Hybrid Web Server
access-control-allow-credentials: true

GET
H2 200 linear Show response
instreamvideo.ru/core/vpaid/ 2 KB
1 KB 214ms
101ms XHR
text/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/core/vpaid/linear?pid=739&vr=1&rid=638708536306137304
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 8cf7c94046adf8e0e0ac6d93bfff97ee4133e5d96c1f6227ca0d27dc64f6764e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 linear Show response
instreamvideo.ru/core/vpaid/ 2 KB
1 KB 195ms
83ms XHR
text/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/core/vpaid/linear?pid=739&vr=1&rid=638708536306144855
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: f720348a3824039e47b5ada6486b4880aa58f4cdee2898799984f025b61d8f35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 linear Show response
instreamvideo.ru/core/vpaid/ 2 KB
1 KB 179ms
67ms XHR
text/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/core/vpaid/linear?pid=741&vr=1&rid=638708536306150298
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: edd02b03525176a20dd93459f314c1f26e39097e70eac660d2e696d88d7cd8fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 linear Show response
instreamvideo.ru/core/vpaid/ 2 KB
1 KB 173ms
62ms XHR
text/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/core/vpaid/linear?pid=741&vr=1&rid=638708536306154211
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 0a9ada3816b928d8804c5d1a27906fb9e88785e06808c3041b4b4b4be58f14c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 linear Show response
instreamvideo.ru/core/vpaid/ 2 KB
1 KB 186ms
76ms XHR
text/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/core/vpaid/linear?pid=734&vr=1&rid=638708536306166837
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 04149c495a2051e6e2f5b49dd53abab124261f0acc25e747a802a9f06c097db7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 vast Show response
nyfeljad.moe.video/ 1 KB
1 KB 166ms
55ms XHR
application/xml 212.41.28.228
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://nyfeljad.moe.video/vast?pid=10283&vpt=inbanner&advertCount=1&vt=vpaid&vl=0&rnd={RANDOM}&referer=https://hd.lordseriy.christmas/

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.41.28.228 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

57f41bdc012e39837879ff5282bc7e8cb4fddcf42650fd418a082fabfc2cdd22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1051
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/xml; charset=UTF-8
version: v1.20.4
access-control-allow-credentials: true

GET
H/1.1 200
OK 1584274 Show response
ad.mail.ru/vast/ 60 B
745 B 181ms
67ms XHR
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1584274?dl=hd.lordseriy.christmas&content_id=2130206312345
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:10 GMT
Content-Type: text/xml
Server: nginx

GET vk-vdisp-25-1.xml
cdn.adlook.me/vast/vk-vdisp/ 0
0

GET vk-vdisp-40-1.xml
cdn.adlook.me/vast/vk-vdisp/ 0
0

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/390632/ 42 B
1 KB 505ms
86ms XHR
text/xml 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/390632/getCode?pp=cxgb&ps=gnpw&p2=iiqv

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

d75a5ae8cfa906a56ed852cb303f01968978daf562ad14da806f483cc35c6b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246031253673-1741355734988740899-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
x-adfox: {"default":true, "place_id":1338485, "code_type":"regular"}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:11 GMT
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml; charset=utf-8
last-modified: Thu, 26 Dec 2024 20:47:11 GMT
content-disposition: attachment; filename="null"
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET y5zona-ru-ya-vdisp-1.xml
cdn.adlook.me/vast/ya-vdisp/ 0
0

GET y5zona-ru-ya-vdisp-2.xml
cdn.adlook.me/vast/ya-vdisp/ 0
0

GET y5zona-ru-ya-vdisp-3.xml
cdn.adlook.me/vast/ya-vdisp/ 0
0

GET lordseriyl-ru-ya-vdisp-1.xml
cdn.adlook.me/vast/ya-vdisp/ 0
0

GET
H2

200

1
mc.yandex.ru/watch/85660012/
Redirect Chain

https://mc.yandex.ru/watch/85660012
https://mc.yandex.ru/watch/85660012/1

43 B
84 B

69ms
68ms

Image
image/gif

2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/85660012/1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 26-Dec-2024 20:47:10 GMT
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:10 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/85660012/1
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Thu, 26-Dec-2024 20:47:10 GMT
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:10 GMT
last-modified: Thu, 26-Dec-2024 20:47:10 GMT

GET
H2

200

sspmatch-iframe
ads.betweendigital.com/ Frame 37A1
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122
https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122&crf=1&rts=-6263180332745787803

0
0

25ms
25ms

Document
text/html

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?country=RU&p=42122&crf=1&rts=-6263180332745787803
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 836
content-type: text/html

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: /sspmatch-iframe?country=RU&p=42122&crf=1&rts=-6263180332745787803

GET
H2

200

aotm.js Show response
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1735246030

5 KB
5 KB

25ms
24ms

Script
application/javascript

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1735246030
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: a5dd191e6934984613b1581de31a429f38d1da866f22a058bc337d5659557089

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: *
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/javascript
server: nginx/1.17.10

Redirect headers

access-control-allow-origin: *
location: /match/aotm.js?otcm_check=1735246030
content-length: 59
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10

GET
H/1.1

200
OK

/
sync.bumlam.com/
Redirect Chain

https://sync.bumlam.com/?src=adlook&uid=02858148e65c4fe2b8e1b07dc3891da5
https://sync.bumlam.com/?src=adlook&s_data=CAIQARjOgbe7BmIgMDI4NTgxNDhlNjVjNGZlMmI4ZTFiMDdkYzM4OTFkYTWiARCUMNgGw8oR74bgACWQwGR8

43 B
653 B

20ms
20ms

Image
image/gif

31.172.81.146
DE-FIRSTCOLO firs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=adlook&s_data=CAIQARjOgbe7BmIgMDI4NTgxNDhlNjVjNGZlMmI4ZTFiMDdkYzM4OTFkYTWiARCUMNgGw8oR74bgACWQwGR8
Protocol: HTTP/1.1
Server: 31.172.81.146 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 26 Dec 2024 20:47:10 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location: //sync.bumlam.com/?src=adlook&s_data=CAIQARjOgbe7BmIgMDI4NTgxNDhlNjVjNGZlMmI4ZTFiMDdkYzM4OTFkYTWiARCUMNgGw8oR74bgACWQwGR8
ETag: 9430d806-c3ca-11ef-86e0-002590c0647c
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 26 Dec 2024 20:47:10 GMT
Server: nginx

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ 0
215 B 551ms
58ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=adlook&id=02858148e65c4fe2b8e1b07dc3891da5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK Citytelecom LLC, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Vary: Origin
Server: nginx/1.22.1
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

csync
ads.adlook.me/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42122&callback_url=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dbtw%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=42122&callback_url=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dbtw%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=5726549479194430119
https://ads.adlook.me/csync?pid=btw&uid=9165ef9a-67e1-5269-b9cd-53c0dea0930e

43 B
43 B

52ms
51ms

Image
application/json

78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=btw&uid=9165ef9a-67e1-5269-b9cd-53c0dea0930e
Protocol: H2
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json
server: Microsoft-IIS/10.0

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://ads.adlook.me/csync?pid=btw&uid=9165ef9a-67e1-5269-b9cd-53c0dea0930e
content-length: 0

GET
H2

200

csync
ads.adlook.me/
Redirect Chain

https://www.acint.net/rmatch?dp=110&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D&dp=110&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fads.adlook.me%252Fcsync%253Fpid%253Dsape%2526uid%253D$%257BUSER_ID%257D...
https://acint.net/rmatch?dp=14&euid=2C03420ACFC06D67FC00615B02485006&r=https%3A%2F%2Fads.adlook.me%2Fcsync%3Fpid%3Dsape%26uid%3D$%7BUSER_ID%7D
https://ads.adlook.me/csync?pid=sape&uid=0400007FCEC06D675305E56C02F09BCD

43 B
43 B

53ms
52ms

Image
application/json

78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=sape&uid=0400007FCEC06D675305E56C02F09BCD
Protocol: H2
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json
server: Microsoft-IIS/10.0

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://ads.adlook.me/csync?pid=sape&uid=0400007FCEC06D675305E56C02F09BCD
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/html
server: openresty

GET
H2

200

match
www.acint.net/
Redirect Chain

https://acint.net/cmatch/?dp=14&pi=1612784
https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14
https://acint.net/rmatch?dp=14&euid=2B03420ACFC06D67CA00FA7B02BD4706&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
https://mc.acint.net/cmatch?dp=14
https://px.adhigh.net/p/cm/sape?u=0400007FCEC06D675305E56C02F09BCD
https://mc.acint.net/rmatch?dp=17&euid=xHjxiGPTgaI.AikABlGUBLkoiQ&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D17
https://mc.acint.net/cmatch?dp=17
https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Z9bPLYGrfC-E

43 B
269 B

24ms
24ms

Image
image/gif

142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Z9bPLYGrfC-E
Protocol: H2
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 43
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://www.acint.net/match?dp=104&euid=Z9bPLYGrfC-E
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Date: Thu, 26 Dec 2024 20:47:11 GMT
Server: nginx
Connection: close

GET
H2

204

adlook
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dmp.otm-r.com/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5
https://sync.dmp.otm-r.com/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&otcm_check=1735246030

0
153 B

23ms
23ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&otcm_check=1735246030
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:10 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

access-control-allow-origin: *
location: /match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&otcm_check=1735246030
content-length: 98
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10

GET
H2

200

/
exchange.buzzoola.com/cookiesync/ssp/adlook/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/adlook/?uid=02858148e65c4fe2b8e1b07dc3891da5
https://exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=02858148e65c4fe2b8e1b07dc3891da5

43 B
130 B

103ms
103ms

Image
image/gif

2a00:ab00:1103:3a:45:138:161:70
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=02858148e65c4fe2b8e1b07dc3891da5
Protocol: H2
Server: 2a00:ab00:1103:3a:45:138:161:70 , Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif
server: nginx
serverid: TODO

Redirect headers

location: /cookiesync/ssp/adlook/?set_buzzoola_cookie=t&uid=02858148e65c4fe2b8e1b07dc3891da5
content-length: 122
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H2

200

csync
ads.adlook.me/
Redirect Chain

https://px.adhigh.net/p/cm/adlook?u=02858148e65c4fe2b8e1b07dc3891da5
https://px.adhigh.net/p/cm/adlook?u=02858148e65c4fe2b8e1b07dc3891da5&bounced=1
https://ads.adlook.me/csync?pid=gi&uid=xHjxiGPTgaI.AikABlGUBLkohA

43 B
43 B

52ms
52ms

Image
application/json

78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=gi&uid=xHjxiGPTgaI.AikABlGUBLkohA
Protocol: H2
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json
server: Microsoft-IIS/10.0

Redirect headers

x-backend-id: f16-ru
cache-control: no-cache, no-store
location: https://ads.adlook.me/csync?pid=gi&uid=xHjxiGPTgaI.AikABlGUBLkohA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx

GET
H2

200

opendsp-video-ex
exchange.buzzoola.com/cookiesync/dsp/
Redirect Chain

https://sync.opendsp.ru/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5
https://sync.opendsp.ru/match/adlook?id=02858148e65c4fe2b8e1b07dc3891da5&chk=1
https://sync.dmp.otm-r.com/match/open_ssp?id=NzM3MzkwOTcwMTNkOTkyMg
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
https://sync.dmp.otm-r.com/match/open_ssp?id=MjczYWMyZTMyOTg5ZTM0Nw
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
https://exchange.buzzoola.com/cookiesync/dsp/opendsp-video-ex?uid=MjczYWMyZTMyOTg5ZTM0Nw

43 B
130 B

103ms
103ms

Image
image/gif

2a00:ab00:1103:3a:45:138:161:70
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/dsp/opendsp-video-ex?uid=MjczYWMyZTMyOTg5ZTM0Nw
Protocol: H2
Server: 2a00:ab00:1103:3a:45:138:161:70 , Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif
server: nginx
serverid: TODO

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://exchange.buzzoola.com/cookiesync/dsp/opendsp-video-ex?uid=MjczYWMyZTMyOTg5ZTM0Nw
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx

GET AdLook
gomatching.gomatching-54-prod.svc.cluster.local/match/ 0
0

GET
H/1.1

200
OK

beeline
kimberlite.io/rtb/sync/
Redirect Chain

https://kimberlite.io/rtb/sync/adlook?u=02858148e65c4fe2b8e1b07dc3891da5
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az4zZNWA
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az4zZNWA
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=db9e459a-d975-46f1-affd-9c4570d36f7b&redirect_return_url=https%3A%2F%2Fexchange.buzzoola.c...
https://5266145921735246031421.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=db9e459a-d975-46f1-affd-9c4570d36f7b&redirect_return_url=https://e...
https://exchange.buzzoola.com/cookiesync/dsp/stream-banner?uid=db9e459a-d975-46f1-affd-9c4570d36f7b&url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D4%26ssp%3Dbuzzoola%26id%3D%24%7BUUID%7D
https://vma.mts.ru/em?next=59&em=4&ssp=buzzoola&id=15b76273-0e5d-4f72-6b22-51f68c73d6b7
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3
https://a.utraff.com/sync?ssp=3046&id=Z23Az2Dd1cc
https://kimberlite.io/rtb/sync/utraff2?u=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az2Dd1cc
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az2Dd1cc
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fredirect.frontend.w...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D
https://vma.mts.ru/em?next=59&em=5&ssp=weborama&id=zHNpgJfaVvvQlmMwAQV9Bu
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3
https://sync.dmp.otm-r.com/match/kimberlite?id=Z23Az2Dd1cc
https://kimberlite.io/rtb/sync/beeline?u=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

43 B
570 B

57ms
57ms

Image
image/gif

217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimberlite.io/rtb/sync/beeline?u=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
Protocol: HTTP/1.1
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s7a;dur=0.0004
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

access-control-allow-origin: *
location: https://kimberlite.io/rtb/sync/beeline?u=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
content-length: 92
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10

GET
H/1.1

200
OK

mts
kimberlite.io/rtb/sync/
Redirect Chain

https://kimberlite.io/rtb/syncd
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Z23Az2Dd1cc
https://vma.mts.ru/match/second?ssp=59&exu=Z23Az2Dd1cc
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fmts-dsp-sync.rutarg...
https://8504670341735246031434.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https://m...
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
https://vma.mts.ru/em?next=59&em=3&ssp=segmento&id=5flcP_MzxoWQ
https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3

43 B
440 B

68ms
67ms

Image
image/gif

217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3
Protocol: HTTP/1.1
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s15a;dur=0.0004
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:11 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Location: https://kimberlite.io/rtb/sync/mts?u=4e3a013e-68ff-4b12-875a-89173dbfe1f3
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Vary: Origin
Server: nginx
Access-Control-Allow-Headers: Origin

GET
H2

200

csync
ads.adlook.me/
Redirect Chain

https://ssp.al-adtech.com/api/sync/adlook
https://ads.adlook.me/csync?pid=alab&uid=bd085086-5b59-450a-801e-4a8ea946b539

43 B
43 B

51ms
51ms

Image
application/json

78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=alab&uid=bd085086-5b59-450a-801e-4a8ea946b539
Protocol: H2
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json
server: Microsoft-IIS/10.0

Redirect headers

Location: https://ads.adlook.me/csync?pid=alab&uid=bd085086-5b59-450a-801e-4a8ea946b539
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Vary: Origin
Server: nginx/1.20.1

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7526/i/
Redirect Chain

https://sync.gonet-ads.com/match/Adlook?id=02858148e65c4fe2b8e1b07dc3891da5
https://sync.gonet-ads.com/match/Adlook?id=02858148e65c4fe2b8e1b07dc3891da5&chk=1
https://dmg.digitaltarget.ru/1/7526/i/i?a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me
https://dmg.digitaltarget.ru/awg/custom/7526/i/i?call_source=awg&ts=1735246031206&a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me

49 B
555 B

55ms
55ms

Image
image/gif

185.15.175.144
SAFEDATA Data Sto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7526/i/i?call_source=awg&ts=1735246031206&a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me

Protocol

HTTP/1.1

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 49
Date: Thu, 26 Dec 2024 20:47:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Server: nginx
X-Frame-Options: DENY

Redirect headers

Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/7526/i/i?call_source=awg&ts=1735246031206&a=1044&e=NmQwOWIxYzg5MzZhOTNkNQ&i=1fatjy9avw9me
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: DENY

GET
H3 204 sync
a.adspector.io/ 0
847 B 63ms
32ms Image
text/plain 172.67.161.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.adspector.io/sync?ssp=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeJH%2BBFeFErsP2MTgtbfPqshpj1PUY%2FncrPqzpZyJgIOmE6dnNPmHSUdFG6XZKRBu2LTG2qwYYWhP1TCr3o54O08R%2FblZ7lMHiHp1WzHy7DIPstmVxSH0%2FKwhpBBrAyOEg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17349&min_rtt=17344&rtt_var=6507&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4310&delivery_rate=182435&cwnd=12000&unsent_bytes=0&cid=be165314f738eeac&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f83ecaebfd83a52-FRA
content-length: 0
server: cloudflare

GET
H2 400 cm
match.ohmy.bid/ 11 B
93 B 74ms
23ms Image
text/plain 167.235.14.51
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.ohmy.bid/cm?ssp=adlook&redirect_url=https://ads.adlook.me/csync?pid=ohmy&uid=02858148e65c4fe2b8e1b07dc3891da5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.14.51 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.51.14.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 479fb0d12a7b5f0127a4e8fa4fa9d2cf8414314a09d17af1fd2c40b78658b039

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 11
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 93399771 Show response
mc.yandex.com/watch/ 603 B
636 B 67ms
66ms Fetch
application/json 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93399771?wmode=7&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A1%3Als%3A616535466686%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246031%3Ac%3A1%3Arn%3A692087787%3Arqn%3A1%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A630%3Awv%3A2%3Ads%3A36%2C26%2C305%2C18%2C0%2C0%2C%2C171%2C0%2C1233%2C1233%2C0%2C981%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031%3At%3A%D0%9B%D0%BE%D1%80%D0%B4%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20-%20%D1%81%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B2%20%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%B5%D0%BC%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%2C%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)dss(2)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

84f5b2ed96149ad405ee5c4064e6e135f5c7e271325472c6030dee0aec1f9ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Thu, 26-Dec-2024 20:47:10 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 603
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json; charset=utf-8
last-modified: Thu, 26-Dec-2024 20:47:10 GMT

GET
H/1.1 200
OK cm
cmr.bidderstack.com/adlook/ 44 B
274 B 178ms
47ms Image
image/gif 185.149.242.234
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmr.bidderstack.com/adlook/cm?user_id=02858148e65c4fe2b8e1b07dc3891da5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.149.242.234 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: Angie /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-from: lp-nrr-2
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 44
Date: Thu, 26 Dec 2024 20:47:11 GMT
Content-Type: image/gif
Server: Angie

GET
H2 200 vk-vdisp-25-1.xml Show response
cdn.adlook.me/vast/vk-vdisp/ 2 KB
973 B 470ms
56ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-25-1.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 7c4e076001c994b8591665f3a10aec0f768de4db5afb65d152d9f547d15e57f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-cached-since: 2024-12-26T20:44:03+00:00
cache: HIT
etag: "c7deff25873adb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 2334
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Tue, 19 Nov 2024 13:30:07 GMT
x-powered-by: ASP.NET
server: nginx

GET
H2 200 vk-vdisp-40-1.xml Show response
cdn.adlook.me/vast/vk-vdisp/ 2 KB
1 KB 469ms
55ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-40-1.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 9cd587717892f73a5c3afbde7d3b8e2db526e645003a1cd7679e5c40bb83b8e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-cached-since: 2024-12-26T20:41:44+00:00
cache: HIT
etag: "be7e7ca0873adb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 2334
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Tue, 19 Nov 2024 13:33:32 GMT
x-powered-by: ASP.NET
server: nginx

GET
H2 200 y5zona-ru-ya-vdisp-1.xml Show response
cdn.adlook.me/vast/ya-vdisp/ 2 KB
1 KB 522ms
125ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-1.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 5e33c0df06a8d97433f1aa2334d3f3c812cbe5359d3b13a59731e96380dca968

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: STALE
content-encoding: gzip
etag: "1b8ed6c854edb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1079
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Sun, 15 Dec 2024 00:05:29 GMT
server: nginx
x-cached-since: 2024-12-26T19:48:28+00:00
vary: Accept-Encoding

POST
H2 200 1
mc.yandex.com/watch/93399771/ 43 B
146 B 67ms
67ms Ping
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93399771/1?page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1735246030_497f5aeccd09c4537456c340a632df58b3a8255aa0d302989f3859d984cc8727&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A1%3Als%3A616535466686%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214710%3Aet%3A1735246031%3Ac%3A1%3Arn%3A506273579%3Arqn%3A2%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246031&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009088)dss(2)ti(0)&force-urlencoded=1&site-info=%7B%22pub_tag%22%3A%225931%2C25206%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:12 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:12 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 26-Dec-2024 20:47:12 GMT
content-type: image/gif

GET
H2 200 lordseriyl-ru-ya-vdisp-1.xml Show response
cdn.adlook.me/vast/ya-vdisp/ 2 KB
1 KB 516ms
137ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/ya-vdisp/lordseriyl-ru-ya-vdisp-1.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: eeb71e24caa5911a95336844bf2c58473ed117c5215b5c238f4c00b256ff52c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: STALE
content-encoding: gzip
etag: "110c862854edb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1080
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Sun, 15 Dec 2024 00:07:53 GMT
server: nginx
x-cached-since: 2024-12-26T19:48:28+00:00
vary: Accept-Encoding

GET
H2 200 y5zona-ru-ya-vdisp-3.xml Show response
cdn.adlook.me/vast/ya-vdisp/ 2 KB
1 KB 407ms
75ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-3.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e641ebe9320b6d813faf70a54aa3902a7a61f53dcfff7efc88955ae459a21579

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: STALE
content-encoding: gzip
etag: "718f9a1c854edb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1081
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Sun, 15 Dec 2024 00:05:55 GMT
server: nginx
x-cached-since: 2024-12-26T19:48:28+00:00
vary: Accept-Encoding

GET
H2 200 y5zona-ru-ya-vdisp-2.xml Show response
cdn.adlook.me/vast/ya-vdisp/ 2 KB
1 KB 406ms
74ms XHR
text/xml 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-2.xml
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 111bf260b56cb065ba84a68c9d57df82829e463d8315ce65ea8dbc810c54de59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: STALE
content-encoding: gzip
etag: "88f0b114854edb1:0"
accept-ranges: bytes
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1083
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/xml
last-modified: Sun, 15 Dec 2024 00:05:42 GMT
server: nginx
x-cached-since: 2024-12-26T19:48:28+00:00
vary: Accept-Encoding

GET
H2

204

weborama
sync.dmp.otm-r.com/match/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=2857787734
https://sync.dmp.otm-r.com/match/weborama?id=zHNpgJfaVvvQlmMwAQV9Bu

0
153 B

71ms
69ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/weborama?id=zHNpgJfaVvvQlmMwAQV9Bu
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://sync.dmp.otm-r.com/match/weborama?id=zHNpgJfaVvvQlmMwAQV9Bu
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Thu, 26 Dec 2024 20:47:10 GMT
last-modified: Thu, 26 Dec 2024 20:47:11 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H/1.1

200
OK

sape
kimberlite.io/rtb/sync/
Redirect Chain

https://a.adspector.io/sync?ssp=27&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://kimberlite.io/rtb/syncd
https://www.acint.net/rmatch?dp=202&r=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fsape%3Fu%3D%24%7BUSER_ID%7D%26f%3D%26n%3D2
https://kimberlite.io/rtb/sync/sape?u=0400007FCEC06D675305E56C02F09BCD&f=&n=2

43 B
527 B

110ms
110ms

Image
image/gif

217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimberlite.io/rtb/sync/sape?u=0400007FCEC06D675305E56C02F09BCD&f=&n=2
Protocol: HTTP/1.1
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s7a;dur=0.0004
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:11 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://kimberlite.io/rtb/sync/sape?u=0400007FCEC06D675305E56C02F09BCD&f=&n=2
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/html
server: openresty

GET
H3 200 p
cs.alfasense.com/ 35 B
968 B 109ms
77ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.alfasense.com/p?ssp=ot&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-host: 23.111.100.20
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOYHLxqqVwcSAz3joqdWVuJW12QWu5o%2B2TE28Vn2Rdch1dbgZIvm31GF%2FR5UJYMncWRkYyFQzIGchsvH%2BRzbQhuW8WvJJBegzoDKWuOsxnHNpSQ7Co%2BsOK9s8yBMpXo1EZAc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18154&min_rtt=18080&rtt_var=3865&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4424&delivery_rate=32244&cwnd=12000&unsent_bytes=0&cid=a4f61c436e4d74a5&ts=79&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f83ecaf8a093a94-FRA
accept-ranges: bytes
content-length: 35
server: cloudflare

GET
H2 200 cs
rtb.moe.video/ 0
177 B 157ms
44ms Image
text/plain 46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.moe.video/cs?d=12&b=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2 204 sync
a.utraff.com/ 0
421 B 39ms
39ms Image
text/plain 2606:4700:20::681a:7bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=2960&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:7bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3qh3NvooZMxvFQVCy7ZVgLmDA4qt5tJKGBXfSCRAC88g0mrwt%2FgoXMxw%2BSV5ptXDA7NYK4yTMFxpYvFWMzgHFEvzHkgPSRWxoL7E7XWShCFW8hEDWLVZ%2B5%2BPRcDm16LQ7HK%2BjJuhgiWWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecaf982e975e-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=18447&min_rtt=18313&rtt_var=3002&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4304&recv_bytes=2433&delivery_rate=208991&cwnd=254&unsent_bytes=0&cid=9a742b872ec26615&ts=58&x=0"
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7612/i/
Redirect Chain

https://a.lotus-dsp.ru/sync?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&ssp=BeelineADX
https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4887f1df-d1fe-4ea8-bbd8-918af72363ae&i=9845507015835721876

49 B
555 B

55ms
54ms

Image
image/gif

185.15.175.144
SAFEDATA Data Sto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4887f1df-d1fe-4ea8-bbd8-918af72363ae&i=9845507015835721876

Protocol

HTTP/1.1

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 49
Date: Thu, 26 Dec 2024 20:47:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Server: nginx
X-Frame-Options: DENY

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8ylTDMNois7sZo0ZZXPajqpyp5iK8dTbZVwyXDY1F0vh5x4HU6MP%2Bi60t74T%2B9anVgHefXvxc8OwdRGO%2BH0KrEDSdN0m9c6WI8%2FhYvnKkWmvVIYPRkxCZukRiqPgrmRPw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17942&min_rtt=17860&rtt_var=6756&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4338&delivery_rate=162091&cwnd=12000&unsent_bytes=0&cid=e7ee4e0b449607e8&ts=37&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://dmg.digitaltarget.ru/1/7612/i/i?a=2367&e=4887f1df-d1fe-4ea8-bbd8-918af72363ae&i=9845507015835721876
access-control-allow-credentials: true
cf-ray: 8f83ecb01cf29f37-FRA
content-length: 0
server: cloudflare

GET
H2

204

sync
a.utraff.com/
Redirect Chain

https://sync.opendsp.ru/match/OTM_bannner?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.opendsp.ru/match/OTM_bannner?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1
https://sync.dmp.otm-r.com/match/open_ssp?id=NDliM2U1ZDE1MTljMTg4Mw
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e
https://a.utraff.com/sync?ssp=3368

0
910 B

96ms
46ms

Image
text/plain

2606:4700:20::681a:7bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=3368
Protocol: H2
Server: 2606:4700:20::681a:7bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNg3J248bT1Sq8cdYsH6GnKd0AdiitAR3N%2B5ZNHoM6hnQB6%2Bw8C9EQW3RitxemWNqjXhX4ooghu6f8v9%2FQq16iNev0cwY23hBY1Oq1IsXxmBhm%2FFqJJCUcRrEavyEkN1uJ7AJyCZxZeT4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecaf8ff5975e-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=18447&min_rtt=18313&rtt_var=3002&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3365&recv_bytes=2433&delivery_rate=208991&cwnd=254&unsent_bytes=0&cid=9a742b872ec26615&ts=48&x=0"
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://a.utraff.com/sync?ssp=3368
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx

GET
H2

204

stream
sync.dmp.otm-r.com/match/
Redirect Chain

https://sm.rtb.mts.ru/p?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&ssp=otmvid
https://vma.mts.ru/match/second?ssp=26&exu=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fmts-dsp-sync.rutarg...
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D26%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
https://vma.mts.ru/em?next=26&em=3&ssp=segmento&id=Z9bPLYGrfC-E
https://sync.dmp.otm-r.com/match/stream?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3

0
153 B

71ms
71ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/stream?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Location: https://sync.dmp.otm-r.com/match/stream?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Vary: Origin
Server: nginx
Access-Control-Allow-Headers: Origin

GET
H2

204

segmento
sync.dmp.otm-r.com/match/
Redirect Chain

https://videotarget-sync.rutarget.ru/sync
https://sync.dmp.otm-r.com/match/segmento?id=5flcP_MzxoWQ

0
153 B

33ms
33ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/segmento?id=5flcP_MzxoWQ
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://sync.dmp.otm-r.com/match/segmento?id=5flcP_MzxoWQ
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Date: Thu, 26 Dec 2024 20:47:11 GMT
Server: nginx
Connection: close

GET
H2 200 stable
sync.otm-r.com/match/ 0
238 B 190ms
59ms Image
text/plain 158.160.0.94
YandexCloud Yande...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.otm-r.com/match/stable?mpid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.0.94 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
vary: Origin
server: nginx
access-control-allow-credentials: true

GET
H2 200 p
s.suprion.ru/ 807 B
252 B 232ms
65ms Image
image/gif 213.248.44.211
DINET-AS LLC Digi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.suprion.ru/p?source=otm&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.248.44.211 Reutov, Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 60
content-encoding: gzip
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif
server: nginx

GET
H2

204

adspector
sync.dmp.otm-r.com/match/
Redirect Chain

https://a.adspector.io/sync?ssp=24&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dmp.otm-r.com/match/adspector?id=a259530f-6729-4e22-8d0f-4df6394ff7d0

0
153 B

32ms
31ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adspector?id=a259530f-6729-4e22-8d0f-4df6394ff7d0
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lR%2F1rANk9KJsn0q5wmjufb7WECQH%2B1N8gKkh4SjUle5OAnq%2FVIEWG%2F2%2FtrS69Z%2BlYzTk8nJzN6RZ5mU01Dspf5id%2FY%2BMc4Jtrntb3%2BjDkN89EsETNpRTwQKyJLBT2MhR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19223&min_rtt=17271&rtt_var=5590&sent=15&recv=13&lost=0&retrans=0&sent_bytes=6115&recv_bytes=5309&delivery_rate=17923&cwnd=12000&unsent_bytes=0&cid=be165314f738eeac&ts=293&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://sync.dmp.otm-r.com/match/adspector?id=a259530f-6729-4e22-8d0f-4df6394ff7d0
access-control-allow-credentials: true
cf-ray: 8f83ecb059443a52-FRA
content-length: 0
server: cloudflare

GET
H2

204

getintent
sync.dmp.otm-r.com/match/
Redirect Chain

https://px.adhigh.net/p/cm/otm_video
https://px.adhigh.net/p/cm/otm_video?bounced=1
https://sync.dmp.otm-r.com/match/getintent?id=xHjxiGPTgaI.AikABlGUBLkoiQ

0
153 B

115ms
115ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/getintent?id=xHjxiGPTgaI.AikABlGUBLkoiQ
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

x-backend-id: f16-ru
cache-control: no-cache, no-store
location: https://sync.dmp.otm-r.com/match/getintent?id=xHjxiGPTgaI.AikABlGUBLkoiQ
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx

GET
H2 200 cm
match.ohmy.bid/ 44 B
312 B 25ms
24ms Image
image/gif 167.235.14.51
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=95&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.14.51 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.51.14.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 58
bidder: bid-20 1.1744.42f7ffd6
date: Thu, 26 Dec 2024 20:47:11 GMT
content-encoding: gzip
content-type: image/gif
server: nginx
access-control-allow-credentials: true

GET
H2 200 csync
ads.adlook.me/ 43 B
43 B 55ms
51ms Image
application/json 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adlook.me/csync?pid=otm&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: application/json
server: Microsoft-IIS/10.0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://sync.gonet-ads.com/match/OTM?rid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQwOWIxYzg5MzZhOTNkNQ

68 B
598 B

27ms
27ms

Image
image/png

188.42.189.197
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQwOWIxYzg5MzZhOTNkNQ
Protocol: H2
Server: 188.42.189.197 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQwOWIxYzg5MzZhOTNkNQ
x-content-type-options: nosniff
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN

GET
H2

204

umg_display
sync.dmp.otm-r.com/match/
Redirect Chain

https://a.utraff.com/sync?ssp=3031&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dmp.otm-r.com/match/umg_display?id=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6

0
153 B

89ms
89ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/umg_display?id=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
location: https://sync.dmp.otm-r.com/match/umg_display?id=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV5ZM0CbBV61FZ3SK2%2Fcu7zSW%2B7rfZ0hUnguzJLE0s2rtJ28CgT4IAcPdsRVFkZeWqFoCUqI1kTU5ccsWTisXfQluFk3kOA170%2Fzhidl3W0rllLW4xAx3oquaiQJWRpgZzfpch0pWFFrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecb058e8975e-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=19650&min_rtt=18313&rtt_var=4658&sent=10&recv=15&lost=0&retrans=0&sent_bytes=4754&recv_bytes=2536&delivery_rate=208991&cwnd=256&unsent_bytes=0&cid=9a742b872ec26615&ts=169&x=0"
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET otmrtb-sync
rtb.com.ru/ 0
0

GET p
7452824949490489945-otm.ops.beeline.ru/ 0
0

GET
H/1.1 200
OK cm
cmr.bidderstack.com/otm/ 44 B
274 B 61ms
61ms Image
image/gif 185.149.242.234
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cmr.bidderstack.com/otm/cm?user_id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.149.242.234 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: Angie /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-from: lp-nrr-2
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 44
Date: Thu, 26 Dec 2024 20:47:11 GMT
Content-Type: image/gif
Server: Angie

GET
H2

204

solta_banner_video
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1
https://kimberlite.io/rtb/sync/iage?u=MmExYTQwY2VlM2UxZDhmYw
https://a.utraff.com/sync?ssp=3046&id=Z23Az2Dd1cc
https://kimberlite.io/rtb/sync/utraff2?u=0741dfd5-cfb4-4d81-8efb-0bac1010e5c6
https://sync.dmp.otm-r.com/match/solta_banner_video?id=Z23Az2Dd1cc

0
153 B

68ms
68ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/solta_banner_video?id=Z23Az2Dd1cc
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

cache-control: no-store
location: https://sync.dmp.otm-r.com/match/solta_banner_video?id=Z23Az2Dd1cc
Connection: keep-alive
access-control-allow-credentials: true
referrer-policy: no-referrer
access-control-allow-origin: *
server-timing: app;srv=s9a;dur=0.0005
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Server: nginx

GET
H2 200 cm
sp.ohmy.bid/ 44 B
190 B 76ms
25ms Image
image/gif 167.235.10.90
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.ohmy.bid/cm?dsp_id=48&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.10.90 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.90.10.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 58
bidder: bid-26 1.1744.42f7ffd6
date: Thu, 26 Dec 2024 20:47:11 GMT
content-encoding: gzip
content-type: image/gif
server: nginx
access-control-allow-credentials: true

GET
H2 200 Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
an.yandex.ru/mapuid/otmrtbis/ 43 B
352 B 487ms
63ms Image
image/gif 213.180.193.90
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/otmrtbis/Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.180.193.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
expires: Thu, 26 Dec 2024 20:47:11 GMT
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: image/gif; charset=utf-8
last-modified: Thu, 26 Dec 2024 20:47:11 GMT

GET
H2 201 sync
a.utraff.com/ 0
423 B 34ms
34ms Image
text/plain 2606:4700:20::681a:7bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?dsp=OTM&buyerid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:7bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZV3VRhuSkJfeOSv8koAt8x4FWDo5x4z2%2Fz%2FNwdZo5pt2ztEXt3TSr5HRMsc6kx2s%2FEUnHplY%2FVpquRv5d%2BllCAK9LCxytP6xVwfhDEP%2B0i23cZhBki%2FpOl0yeyBTHotq6Cp3qXEdtzcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecb109ad975e-FRA
server-timing: cfL4;desc="?proto=TCP&rtt=24680&min_rtt=18313&rtt_var=13554&sent=11&recv=17&lost=0&retrans=0&sent_bytes=5656&recv_bytes=2708&delivery_rate=208991&cwnd=257&unsent_bytes=0&cid=9a742b872ec26615&ts=280&x=0"
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2

204

weborama_newUrl
sync.dmp.otm-r.com/match/
Redirect Chain

https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D{WEBO_CID}
https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=3228652405
https://sync.dmp.otm-r.com/match/weborama_newUrl?id=ahq7pwAUnLxloClwmtdB3u

0
153 B

40ms
39ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/weborama_newUrl?id=ahq7pwAUnLxloClwmtdB3u
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://sync.dmp.otm-r.com/match/weborama_newUrl?id=ahq7pwAUnLxloClwmtdB3u
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Thu, 26 Dec 2024 20:47:11 GMT
last-modified: Thu, 26 Dec 2024 20:47:11 GMT
vary: Origin

GET
H2

200

counter
top-fwz1.mail.ru/
Redirect Chain

https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&bounce=1
https://px.adhigh.net/p/cm/aidata?u=3fFichlD25pd8kOpsSRBrA&back=SYNC
https://x01.aidata.io/0.gif?pid=GETINTENT&id=xHjxiGPTgaI.AikABlGUBLkoiQ&back=SYNC
https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=SYNC
https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D
https://x01.aidata.io/0.gif?pid=OTM&id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D&back=SYNC
https://sync.upravel.com/aidata/sync?back=SYNC
https://x01.aidata.io/0.gif?pid=MGCOM&id=fb19b462-1c8f-495b-9393-c17f0bbe89c6&back=SYNC
https://aidata-sync.rutarget.ru/sync?back=SYNC
https://x01.aidata.io/0.gif?pid=SEGMENTO&id=5flcP_MzxoWQ&back=SYNC
https://an.yandex.ru/mapuid/dmpaidatame/3fFichlD25pd8kOpsSRBrA?sign=3168579214&location=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC
https://x01.aidata.io/0.gif?pid=SYNC
https://cm.p.altergeo.ru/aidata?aid=3fFichlD25pd8kOpsSRBrA&nc=3974&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3DSYNC
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMttwQlld2QReBf3gP4e+dtA==&rnd=bbe94301&back=SYNC
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/gdpr=0/gdpr_consent=DAISYBIT/?https://x01.aidata.io/0.gif?pid=LOTAME&id=${profile_id}&back=SYNC
https://x01.aidata.io/0.gif?pid=LOTAME&id=&back=SYNC
https://top-fwz1.mail.ru/counter?id=3202981;pid=3fFichlD25pd8kOpsSRBrA

43 B
1 KB

166ms
53ms

Image
image/gif

95.163.52.67
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3202981;pid=3fFichlD25pd8kOpsSRBrA

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
access-control-allow-headers: *
cache-control: private, no-cache, no-store, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 43
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
location: https://top-fwz1.mail.ru/counter?id=3202981;pid=3fFichlD25pd8kOpsSRBrA
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 26 Dec 2024 20:47:12 GMT
content-length: 0
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
date: Thu, 26 Dec 2024 20:47:13 GMT
last-modified: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx

GET
H2

204

programmatica
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.programmatica.com/match/OTM?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.programmatica.com/match/OTM?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1
https://sync.dmp.otm-r.com/match/programmatica?id=NzNkM2Q4MTVmYjJiYmEyNQ

0
153 B

24ms
24ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/programmatica?id=NzNkM2Q4MTVmYjJiYmEyNQ
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
location: https://sync.dmp.otm-r.com/match/programmatica?id=NzNkM2Q4MTVmYjJiYmEyNQ
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT

GET
H2 200 OTM_video
sync.opendsp.ru/match/ 43 B
157 B 56ms
52ms Image
image/gif 185.175.47.157
SELECTEL-MSK JSC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.opendsp.ru/match/OTM_video?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.175.47.157 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),

Reverse DNS

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 43
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: image/gif
server: nginx

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ 0
215 B 56ms
56ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&src=otm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK Citytelecom LLC, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:11 GMT
Vary: Origin
Server: nginx/1.22.1
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1

200
OK

buzzoola
kimberlite.io/rtb/sync/
Redirect Chain

https://kimberlite.io/rtb/sync/otm?u=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dsp.solta.io/match/kimberlite?id=Z23Az2Dd1cc
https://dmg.digitaltarget.ru/1/7518/i/i?a=1042&e=MmExYTQwY2VlM2UxZDhmYw&i=af7391f7pllz
https://sync.dsp.solta.io/match/dmp_amberdata?fp=
https://kimberlite.io/rtb/sync/iage?u=MmExYTQwY2VlM2UxZDhmYw
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3D%26n%3D2
https://kimberlite.io/rtb/sync/buzzoola?u=15b76273-0e5d-4f72-6b22-51f68c73d6b7&f=&n=2

43 B
498 B

55ms
55ms

Image
image/gif

217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimberlite.io/rtb/sync/buzzoola?u=15b76273-0e5d-4f72-6b22-51f68c73d6b7&f=&n=2
Protocol: HTTP/1.1
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s7;dur=0.0004
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

location: https://kimberlite.io/rtb/sync/buzzoola?u=15b76273-0e5d-4f72-6b22-51f68c73d6b7&f=&n=2
content-length: 116
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H2

204

ohmybids_new
sync.dmp.otm-r.com/match/
Redirect Chain

https://match.ohmy.bid/cm?ssp=otm&redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fohmybids_new%3Fid%3D%7Buid%7D
https://sync.dmp.otm-r.com/match/ohmybids_new?id=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd

0
153 B

59ms
58ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/ohmybids_new?id=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

location: https://sync.dmp.otm-r.com/match/ohmybids_new?id=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd
bidder: bid-16 1.1744.42f7ffd6
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx
access-control-allow-credentials: true

GET
H2

204

vihub1
sync.dmp.otm-r.com/match/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D
https://sync.dmp.otm-r.com/match/vihub1?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e

0
153 B

74ms
74ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/vihub1?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://sync.dmp.otm-r.com/match/vihub1?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e
content-length: 0

GET
H2

204

yandex_dsp_new
sync.dmp.otm-r.com/match/
Redirect Chain

https://an.yandex.ru/mapuid/videonowssp/
https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=92E427D737B3D8F7

0
153 B

23ms
23ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=92E427D737B3D8F7
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://sync.dmp.otm-r.com/match/yandex_dsp_new?id=92E427D737B3D8F7
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
expires: Thu, 26 Dec 2024 20:47:11 GMT
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:11 GMT
last-modified: Thu, 26 Dec 2024 20:47:11 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7601/i/
Redirect Chain

https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.opendsp.ru/match/otm_ex?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e
https://ads.betweendigital.com/match?bidder_id=45814&callback_url=https%3A%2F%2Fsync.opendsp.ru%2Fmatch%2FBetween_ex%3Fid%3D%24%7BUSER_ID%7D
https://sync.opendsp.ru/match/Between_ex?id=9165ef9a-67e1-5269-b9cd-53c0dea0930e
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=oet5178v3jz4&e=MjczYWMyZTMyOTg5ZTM0Nw

49 B
555 B

69ms
55ms

Image
image/gif

185.15.175.144
SAFEDATA Data Sto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=oet5178v3jz4&e=MjczYWMyZTMyOTg5ZTM0Nw

Protocol

HTTP/1.1

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 49
Date: Thu, 26 Dec 2024 20:47:11 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Server: nginx
X-Frame-Options: DENY

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=oet5178v3jz4&e=MjczYWMyZTMyOTg5ZTM0Nw
content-length: 0
date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx

GET

https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
sync.upravel.com/
Redirect Chain

https://sync.upravel.com/image?source=otm&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
https://sync.upravel.com/image?source=otm&id=Njc2ZGMwY2UwNzhjOWE1OQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJ...
https://sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D

0
0

GET
H2

204

adriver.img
sync.dmp.otm-r.com/match/
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-6286784521
https://sync.dmp.otm-r.com/match/adriver.img?id=AWje7oQcXFqJsHfkL7D7gpg

0
153 B

27ms
27ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adriver.img?id=AWje7oQcXFqJsHfkL7D7gpg
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

Transfer-Encoding: chunked
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://sync.dmp.otm-r.com/match/adriver.img?id=AWje7oQcXFqJsHfkL7D7gpg
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date: Thu, 26 Dec 2024 20:47:11 GMT
Content-Type: text/html

GET
H2 204 match
dm-eu.hybrid.ai/ 0
288 B 55ms
17ms Image
text/plain 37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=137&burl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fhybrid%3Fid%3D%24%7BVID%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://hd.lordseriy.christmas
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0541
date: Thu, 26 Dec 2024 20:47:11 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

GET
H2

204

adwist_a2
sync.dmp.otm-r.com/match/
Redirect Chain

https://cs.agency2.ru/p?ssp=ot&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dmp.otm-r.com/match/adwist_a2?id=b7112153-730b-4fb9-ade6-d858260c75cb

0
153 B

24ms
24ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adwist_a2?id=b7112153-730b-4fb9-ade6-d858260c75cb
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Location: https://sync.dmp.otm-r.com/match/adwist_a2?id=b7112153-730b-4fb9-ade6-d858260c75cb
X-Host: 23.105.255.196
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:12 GMT
Server: fasthttp
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

GET
H2

204

sape_stable
sync.dmp.otm-r.com/match/
Redirect Chain

https://www.acint.net/rmatch?dp=68&euid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D
https://sync.dmp.otm-r.com/match/sape_stable?id=0400007FCEC06D675305E56C02F09BCD

0
153 B

70ms
70ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape_stable?id=0400007FCEC06D675305E56C02F09BCD
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://sync.dmp.otm-r.com/match/sape_stable?id=0400007FCEC06D675305E56C02F09BCD
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 26 Dec 2024 20:47:10 GMT
content-type: text/html
server: openresty

GET
H/1.1

204
No Content

otm
ssp.al-adtech.com/api/openrtb/match/
Redirect Chain

https://ssp.al-adtech.com/api/sync/otm
https://sync.dmp.otm-r.com/match/astralab?id=f07130e7-2901-4aaf-9730-eb2ed2851eac
https://ssp.al-adtech.com/api/openrtb/match/otm?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

0
195 B

55ms
54ms

Image
text/plain

45.139.25.118
PROCLOUD KVIKTEL LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.al-adtech.com/api/openrtb/match/otm?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
Protocol: HTTP/1.1
Server: 45.139.25.118 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Allow-Origin
Date: Thu, 26 Dec 2024 20:47:12 GMT
Vary: Origin
Server: nginx/1.20.1
Connection: keep-alive
Access-Control-Allow-Credentials: true

Redirect headers

access-control-allow-origin: *
location: https://ssp.al-adtech.com/api/openrtb/match/otm?id=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
content-length: 102
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10

GET
H/1.1

200
OK

usersync%20
partnerabc.com/
Redirect Chain

https://sync.opendsp.ru/match/otm_wl?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.opendsp.ru/match/otm_wl?id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&chk=1
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=MjczYWMyZTMyOTg5ZTM0Nw
https://vma.mts.ru/match/second?ssp=67&exu=MjczYWMyZTMyOTg5ZTM0Nw
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=2ace4a0d-281c-4c62-9e94-4598214900df&redirect_return_url=https%3A%2F%2Fdmg.digitaltarget.r...
https://9633794231735246031422.cm.a.mts.ru/cm/match?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=2ace4a0d-281c-4c62-9e94-4598214900df&redirect_return_url=https://d...
https://dmg.digitaltarget.ru/1/7673/i/i?a=3680&e=2ace4a0d-281c-4c62-9e94-4598214900df&i=6136&redirect=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D6%26ssp%3Damberdata
https://vma.mts.ru/em?next=67&em=6&ssp=amberdata
https://sync.opendsp.ru/match/mts_dsp?id=4e3a013e-68ff-4b12-875a-89173dbfe1f3
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2FPartnerABC.com%2Fusersync%20%3Fwebouuid%3DMjczYWMyZTMyOTg5ZTM0Nw
https://partnerabc.com/usersync%20?webouuid=MjczYWMyZTMyOTg5ZTM0Nw

0
38 B

350ms
117ms

Image
text/plain

2600:1900:4000:ea00:8000:74:8a0:d2d1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partnerabc.com/usersync%20?webouuid=MjczYWMyZTMyOTg5ZTM0Nw
Protocol: HTTP/1.1
Server: 2600:1900:4000:ea00:8000:74:8a0:d2d1 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Content-Length: 0

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://partnerabc.com/usersync%20?webouuid=MjczYWMyZTMyOTg5ZTM0Nw
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Thu, 26 Dec 2024 20:47:11 GMT
last-modified: Thu, 26 Dec 2024 20:47:11 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2

204

snp
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D
https://sync.dmp.otm-r.com/match/snp?id=9430d806-c3ca-11ef-86e0-002590c0647c

0
153 B

2129ms
2129ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/snp?id=9430d806-c3ca-11ef-86e0-002590c0647c
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location: https://sync.dmp.otm-r.com/match/snp?id=9430d806-c3ca-11ef-86e0-002590c0647c
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: text/html; charset=utf-8
Server: nginx

GET
H2

204

bazzoola
sync.dmp.otm-r.com/match/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D
https://sync.dmp.otm-r.com/match/bazzoola?id=15b76273-0e5d-4f72-6b22-51f68c73d6b7

0
153 B

74ms
74ms

Image
text/plain

159.69.59.100
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/bazzoola?id=15b76273-0e5d-4f72-6b22-51f68c73d6b7
Protocol: H2
Server: 159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.100.59.69.159.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx/1.17.10
access-control-allow-origin: *

Redirect headers

location: https://sync.dmp.otm-r.com/match/bazzoola?id=15b76273-0e5d-4f72-6b22-51f68c73d6b7
content-length: 104
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H/1.1 200
OK p
cs.agency2.ru/ 35 B
712 B 120ms
59ms Image
image/gif 23.105.255.196
UNITEDNET EDINAYA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.agency2.ru/p?ssp=ai
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.105.255.196 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: no-store, no-cache, must-revalidate
X-Host: 23.105.255.196
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 35
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: image/gif
Server: fasthttp
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/7493/i/ 49 B
555 B 57ms
57ms Image
image/gif 185.15.175.144
SAFEDATA Data Sto...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7493/i/i?a=656&e=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D&i=123

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 49
Date: Thu, 26 Dec 2024 20:47:12 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Server: nginx
X-Frame-Options: DENY

GET
H2 200 set
sync.rambler.ru/ 0
97 B 177ms
59ms Image
text/plain 87.242.127.163
CLOUDRU-AS "Cloud...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=ac24647d-6dd5-45f2-9616-a0eba04cfd13&id=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
content-length: 0
date: Thu, 26 Dec 2024 20:47:12 GMT

GET
H2 200 reg
stat.adlook.me/ 0
21 B 62ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=rU%2FdtmgcWzDfh%2BP2BvGWbX2%2BQGFvxIk4Ie4vfUdo69MJm5nQ9AorEM8e2s%2BdIPUS9sOExRHWOEiv5aXSKWPHx%2B5mDan%2BVihRe2iNtM%2BHWnNDZg8hRoxL6X57I3VQdA%2F3qWmvQe6FF242xnumxzu%2BOT69iJP14E3VTPlwbMxulE9evmEK%2FVJAuBKgYmndbct1XA1EIr0CTzjvNGJ90lA5pgYs4finZV7SXrN6rJyO%2BT53d%2B2NaFojfA%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524603180351764&_adlk_ts=173524603180351764
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
44 B 55ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=qCTi1MkTZdT1xO%2BFq%2BRQF9aKuHOvGph3uGwNxsA5sxU3lBOI059T4DmiMBsW9MDTa8hFLef1lHG0JYBbBTRaO31DvVlU56elD364L8FhEJjX1i6R3%2BpeP7UCB4Uv%2FbA1kFE%2Bez0ry3TDzTyXELLJgPP6IJvXe86o%2B8JObNDRAnFvVtRxVf%2Fg93vzBy3Mk7W1WGZfSrCzJZIpKIUpJumtKJXeHGsqCLbpHZ69NgCquaaqfxi%2BPrRxYw%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524603180476755&_adlk_ts=173524603180476755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:11 GMT
server: Microsoft-IIS/10.0

GET
H2 200 linear-vpaid-v1.js Show response
cdn.instreamvideo.ru/storage/linear/ Frame B743 165 KB
45 KB 203ms
75ms Script
application/javascript 2a02:2d9:3:e::12
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:2d9:3:e::12 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),

Reverse DNS

Software

nginx/1.27.3 /

Resource Hash

f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-location-name: special-1
content-encoding: br
etag: W/"674d5e82-293df"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 07:15:14 GMT
server: nginx/1.27.3

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame B743 133 KB
40 KB 214ms
19ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-amz-content-sha256: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count: 0
x-cdn-edge-id: 2315
x-cdn-edge-cache: HIT
x-cdn-request-id: 6f5acd9b0b4d0dca33aa4dab6285fa79
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag: W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id: 00000194045C6E5FA0E69CD4B28CF638
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 14:45:48 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H2 204 cmf
sp.ohmy.bid/ Frame 6678 0
0 315ms
22ms Document
text/plain 167.235.9.235
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.ohmy.bid/cmf?0.21565431461084072
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.9.235 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.235.9.235.167.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
bidder: bid-22 1.1744.42f7ffd6
date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame B743 155 KB
41 KB 109ms
108ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 black.jpg
inplayer.ru/video/ Frame B743 2 KB
2 KB 414ms
52ms Image
image/jpeg 2a02:2d9:3:e::32
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inplayer.ru/video/black.jpg
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::32 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1927
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/jpeg
last-modified: Thu, 10 May 2018 09:19:36 GMT
server: nginx/1.27.2

GET
H2 200 ads.xml Show response
instreamvideo.ru/c/ Frame B743 565 B
1 KB 165ms
164ms XHR
application/xml 2a02:2d9:3:e::30
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=739&vr=1&rid=638708536306137304&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::30 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 63396b72c1a757304b6bb0636913d23d5da199ecf035771db4a5bbd29af3f70c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
access-control-allow-credentials: true
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 565
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/xml
x-server-vendor: Viaprog S.R.L.
server: nginx/1.27.1

GET
H2

200

/
www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame B743
Redirect Chain

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

43 B
297 B

58ms
58ms

Image
image/gif

2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),
Reverse DNS
Software: ms-counter-4.4.3/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

Redirect headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
location: https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 0
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: ms-counter-4.4.3/1.22.1

GET
H2

200

tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/ Frame B743
Redirect Chain

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

43 B
297 B

57ms
57ms

Image
image/gif

2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),
Reverse DNS
Software: ms-counter-4.4.3/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

Redirect headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
location: https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 0
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: ms-counter-4.4.3/1.22.1

GET
H3 200 ads.xml Show response
instreamvideo.ru/c/ Frame B743 87 KB
6 KB 58ms
58ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=739&vr=1&wotag=38843&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ow=0&oh=0&sw=0&sh=0&pd=0&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&rid=638708536306137304&pid=739&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: 5e313ef02dec0fe222c481658d0fb2bf376eee64b9c39c392fa71fe830b862a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 423ms
53ms Preflight
application/octet-stream 2a00:1148:1000:101:8:3:0:17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=cI7jr2SP06agLQhr8dr0T
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hd.lordseriy.christmas
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Thu, 26 Dec 2024 20:47:12 GMT
Expires: Thu, 26 Dec 2024 22:47:12 GMT
Server: nginx

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame B743 0
0 183ms
67ms Fetch
application/octet-stream 2a00:1148:1000:101:8:3:0:17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=cI7jr2SP06agLQhr8dr0T
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 26 Dec 2024 22:47:12 GMT
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/octet-stream
Server: nginx

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame B743 43 B
640 B 167ms
55ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=1&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246032.476-482776279&event_id=580260324792514&meta=%7B%22title%22%3A%22%22%2C%22referer%22%3A%22https%3A%2F%2Fhd.lordseriy.christmas%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22420x236%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22nl-NL%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-60%22%7D&rn=1363943168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/257999/ Frame B743 42 B
197 B 79ms
79ms XHR
text/xml 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/257999/getCode?p1=dfkws&p2=hiuy&puid1=&puid2=&puid3=

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

d75a5ae8cfa906a56ed852cb303f01968978daf562ad14da806f483cc35c6b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246032513798-64802313111050805-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
x-adfox: {"default":true, "place_id":1466158, "code_type":"regular"}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:12 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/xml; charset=utf-8
content-disposition: attachment; filename="null"
last-modified: Thu, 26 Dec 2024 20:47:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H2 204 vast Show response
sp.ohmy.bid/ssp/traff-ins85/ Frame B743 0
136 B 84ms
84ms XHR
text/plain 167.235.10.90
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.ohmy.bid/ssp/traff-ins85/vast?w=420&h=236&domain=hd.lordseriy.christmas&page=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.10.90 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.90.10.235.167.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: https://hd.lordseriy.christmas
bidder: bid-13 1.1744.42f7ffd6
date: Thu, 26 Dec 2024 20:47:12 GMT
server: nginx
access-control-allow-credentials: true

GET
H/1.1 200
OK vast.php Show response
vast.ufouxbwn.com/ Frame B743 27 B
552 B 86ms
51ms XHR
application/xml 94.103.9.201
FOXCLOUD FOXCLOUD...

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.ufouxbwn.com/vast.php?partner_id=5686402&set=4893698&format=6&referrer=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.103.9.201 Amsterdam, Netherlands, ASN200904 (FOXCLOUD FOXCLOUD LLP, GB),
Reverse DNS: h201-nl9.fcsrv.net
Software: nginx/1.24.0 / PHP/8.3.14
Resource Hash: fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/xml; charset=utf-8
Vary: Accept-Encoding
Server: nginx/1.24.0
X-Powered-By: PHP/8.3.14

GET
H2 200 ads.xml Show response
mediatoday.ru/c/ Frame B743 12 B
590 B 474ms
62ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://mediatoday.ru/c/ads.xml?pid=9398&vr=1&rid=638708536306137304&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/257999/ Frame B743 8 KB
1 KB 78ms
77ms XHR
text/xml 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/257999/getCode?p1=ddypa&p2=hmkh&dl=hd.lordseriy.christmas

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

3836aa0bcae4ffa0697732c9580049ecb6b8fe493c49132e44e0b823567a1a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246032515420-12255152133881323031-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
x-adfox: {"campaign_id":3198609, "banner_id":13224645, "session_type":"none", "campaign_level":20, "place_id":1440270, "code_type":"regular"}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:12 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/xml; charset=utf-8
last-modified: Thu, 26 Dec 2024 20:47:12 GMT
content-disposition: attachment; filename="null"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 56ms
55ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39280&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 55ms
54ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39277&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 52ms
52ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39257&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 52ms
51ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39247&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 110ms
110ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39126&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 645476.xml Show response
cdn-rtb.sape.ru/rtb-b/vast/476/ Frame B743 1 KB
1 KB 171ms
55ms XHR
text/xml 193.3.184.47
QWARTA QWARTA LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/vast/476/645476.xml

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.3.184.47 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),

Reverse DNS

Software

openresty /

Resource Hash

03570a57ba8190569ca976df757bbfd9d8656c1b41ed7f66165b7986224bd280

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: gzip
etag: W/"f6a0ce927d409e54d929a761ffa131eb"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 26 Dec 2024 21:47:12 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/xml; charset=UTF-8
last-modified: Sun, 22 Dec 2024 02:01:40 GMT
vary: Origin, Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: block-all-mixed-content
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-request-id: 18135DB64C06F08B
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block
server: openresty

GET
H2 200 vast Show response
ad.moe.video/ Frame B743 1 KB
1 KB 148ms
45ms XHR
application/xml 212.41.29.35
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.moe.video/vast?pid=10289&vpt=inbanner&advertCount=1&vt=vpaid&vl=0&rnd=638708536306137304&referer=https%3A%2F%2Fhd.lordseriy.christmas%2F

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.41.29.35 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

2c66d4d62eda1bf111a79e4e84dabeb596ba1262cc0f7e7b5283150f30147e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 1061
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/xml; charset=UTF-8
version: v1.20.4
access-control-allow-credentials: true

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 60ms
60ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=38787&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 vast-container Show response
dsp.tigra.dev/bid/ Frame B743 615 B
804 B 230ms
73ms XHR
application/xml 5.227.125.249
MTS MTS PJSC

General

Check archive.org

Show headers Download Go to

Full URL

https://dsp.tigra.dev/bid/vast-container?ssp=36

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.227.125.249 , Russian Federation, ASN39001 (MTS MTS PJSC, RU),

Reverse DNS

Software

Resource Hash

536c856f1ee19382b4e411fcd357b042ca60cdeed78b2d032b1f3d1a876e7045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 615
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/xml
access-control-allow-credentials: true

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 54ms
54ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=37258&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 code.xml Show response
catsnetwork.ru/core/ Frame B743 12 B
493 B 527ms
412ms XHR
text/xml 2a02:2d9:3:e::31
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://catsnetwork.ru/core/code.xml?pid=9433&vr=1&rid=638708536306137304&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&idntfy=VUf9hvCPZuAANkV&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::31 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.1 /
Resource Hash: 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 51ms
51ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=37250&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 98ms
98ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=82&bid=38787&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 97ms
97ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=82&bid=39126&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 51ms
51ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=82&bid=37258&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 wb-no-controls.css
instreamvideo.ru/storage/linear/ Frame B743 30 KB
13 KB 51ms
51ms Stylesheet
text/css 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/storage/linear/wb-no-controls.css
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: 53743a9865204a566c23e0b971798e07fb263f6fe3670cee74ba9734e9c991eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: br
etag: W/"623af9b8-797f"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/css
last-modified: Wed, 23 Mar 2022 10:43:04 GMT
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 63ms
62ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=95&bid=39126&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 err.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 98ms
98ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/err.gif?bid=39126&pid=739&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ssq=[ISV_SSQ]&err=erid&errv=405&errd=
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 204 event
ads.adfox.ru/257999/ Frame B743 0
230 B 285ms
106ms Image
text/plain 2a02:6b8::1be
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/257999/event?hash=ac090cde21c29a48&p2=hmkh&rtb-si=b&p5=bcylcf&rand=lrzwads&sj=BFeILLhcPkuOFNo0mNbgjBzRQxXt0wK8de5JAjUP5KQYUMU468HbB8SuVO5RLw%3D%3D&lts=fqbgeaa&dl=hd.lordseriy.christmas&pr=a&p1=ddypa&rqs=zrxbQ6JpCHHQwG1nbZ5YA-o9Z7VdTtaS&pm=u

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 04 Dec 1999 21:29:02 GMT
access-control-allow-origin: *
date: Thu, 26 Dec 2024 20:47:13 GMT
last-modified: Thu, 26 Dec 2024 20:47:13 GMT

GET
H2 200 vpaid-ssp.min.js Show response
cdnrtbsape.ru/js/vast/ Frame EC3B 153 KB
46 KB 221ms
106ms Script
text/javascript 193.3.184.43
QWARTA QWARTA LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.3.184.43 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),

Reverse DNS

Software

openresty /

Resource Hash

9aed6621a0c694a733d18724966165110b5f6fc84790d10b42ec2523e53c11d2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: gzip
etag: W/"1575c684f1dab8b3a41ff8653b83cce2"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Fri, 27 Dec 2024 20:47:13 GMT
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: text/javascript
last-modified: Thu, 01 Aug 2024 07:08:47 GMT
vary: Origin, Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: block-all-mixed-content
cache-control: max-age=86400
access-control-allow-credentials: true
x-amz-request-id: 180E2F48592C082F
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: openresty

HEAD
H2 200 context.js
yandex.ru/ads/system/ Frame B743 0
0 429ms
68ms Fetch
text/javascript 2a02:6b8:a::a
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ad.mail.ru
URL: https://ad.mail.ru/static/sync-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1735246033542051-8847549652996301362-balancer-l7leveler-kubr-yp-klg-226-BAL
cache-control: private, max-age=3600
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
content-encoding: br
etag: "bcc2518e0edf5164708b153dc773e9bb-1183758"
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
timing-allow-origin: *
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 21:47:13 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 256ms
125ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=1&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=28260406&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246033%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214713%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246033&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:13 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:13 GMT

GET
H2 200 aci.js Show response
www.acint.net/ Frame EC3B 31 KB
9 KB 25ms
24ms Script
application/x-javascript 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdnrtbsape.ru
URL: https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "6710dc23-225f"
expires: Fri, 27 Dec 2024 08:47:13 GMT
content-length: 8799
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 09:42:59 GMT
server: openresty

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 118ms
117ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=78&bid=39126&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ssq=0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 get_sspuid Show response
www.acint.net/services/ Frame EC3B 92 B
166 B 24ms
24ms Script
application/javascript 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/services/get_sspuid?callback=cid_676dc0d14_93338683
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: c2c8995d7b2b8d058fcaff2f117c95b8558bb65cf1cdd3305dc24967abedbe2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-length: 92
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/javascript
server: openresty

GET
H2 200 ymcode Show response
ssp-rtb.sape.ru/ Frame EC3B 36 B
397 B 61ms
61ms Script
application/octet-stream 193.3.184.211
QWARTA QWARTA LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/ymcode?callback=sapeRTB_676dc0d15_54789543
Requested by: Host: cdnrtbsape.ru
URL: https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: e4aa3fe443ce66fe8cf7cffb5b88870fd5ac8d1f630e13351b54fd14168fa18f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yarequestid: 413ee287c7cf413da97337cf523fc7d4
content-encoding: gzip
x-yaspanid: 6535ece604949d3b
access-control-allow-methods: GET
expires: Wed, 19 Apr 2000 11:43:00 GMT
access-control-allow-origin: *
content-length: 56
accept-encoding: gzip, identity
date: Thu, 26 Dec 2024 20:47:13 GMT
x-yatraceid: f3476fd09d254f3f9f9dd85d336e6eb6
content-type: application/octet-stream
server: openresty

GET
H2 200 /
mc.acint.net/mc/ Frame 9E55 0
0 70ms
24ms Document
text/html 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.acint.net/mc/?dp=131&aid=0400007FCEC06D675305E56C02F09BCD
Requested by: Host: cdnrtbsape.ru
URL: https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 26 Dec 2024 20:47:13 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

GET watch.js
mc.yandex.ru/metrika/ Frame EC3B 0
0

GET
H2 200 /
www.acint.net/mc/ Frame FF7A 0
0 71ms
25ms Document
text/html 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14&aid=0400007FCEC06D675305E56C02F09BCD
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 26 Dec 2024 20:47:13 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ Frame EC3B 31 KB
14 KB 27ms
27ms Script
application/x-javascript 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1735246033317
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 6484b6ba0da1ddeed1cddbc5f51a925c9321fa6c256e7f1d5e6a4b470a7f61ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: gzip
date: Thu, 26 Dec 2024 20:47:13 GMT
etag: W/"641e08a5-7dac"
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:31:33 GMT
server: openresty

GET
H2 200 1
pxl.acint.net/pxl/ Frame EC3B 43 B
224 B 30ms
24ms Image
image/gif 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.acint.net/pxl/1?dp=16&id=122912.645476.163382213&sid=676dc0d1-4147-b0pn-v6u7-zhhkl6e1yvth&aid=0400007FCEC06D675305E56C02F09BCD&ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&r=1735246033
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2 200 /
www.acint.net/hit/ Frame EC3B 43 B
224 B 25ms
24ms Image
image/gif 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.1&uid=8c47019c-afa8-4e83-9d8b-017a4e91e137&dp=14&tz=%2B01%3A00&nc=172892&aid=0400007FCEC06D675305E56C02F09BCD&u=&r=&rs=1600x1200&t=&oE=1&oP=1&dT=2024-12-26T21%3A47%3A13.316&fu=9bf334d2-904d-44d6-888d-ee2873456d49&if=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2 200 /
ssp-rtb.sape.ru/data/ Frame EC3B 21 B
0 112ms
112ms XHR
application/xml 193.3.184.211
QWARTA QWARTA LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse_122912&srtbid=122912&scids=163382213&aid=0400007FCEC06D675305E56C02F09BCD&sx=420&sy=236&u=https%3A%2F%2Fhd.lordseriy.christmas%2F&allimps=1&fl=0&tz=%2B01%3A00&op=vast
Requested by: Host: cdnrtbsape.ru
URL: https://cdnrtbsape.ru/js/vast/vpaid-ssp.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.3.184.211 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yarequestid: 8121bd6a3dc644ddaaa5d012b63ec1d4
content-encoding: gzip
x-yaspanid: 021a606c91afe2d5
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: Wed, 19 Apr 2000 11:43:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 41
accept-encoding: gzip, identity
date: Thu, 26 Dec 2024 20:47:13 GMT
x-yatraceid: 3a9eb771afa04f6c967ef29657e8767a
content-type: application/xml; charset=UTF-8
server: openresty

GET
H2 200 /
www.acint.net/oci/ Frame EC3B 43 B
224 B 24ms
24ms Image
image/gif 142.132.138.212
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.1&uid=8c47019c-afa8-4e83-9d8b-017a4e91e137&dp=14&tz=%2B01%3A00&nc=272280&aid=0400007FCEC06D675305E56C02F09BCD&oid=7940a256e92ed9cc81d903c23035db11
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.212 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.212.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H3 200 err.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 54ms
54ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/err.gif?bid=39126&pid=739&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ssq=[ISV_SSQ]&err=&errv=310&errd=
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 204 event
ads.adfox.ru/257999/ Frame B743 0
18 B 110ms
108ms Image
text/plain 2a02:6b8::1be
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 04 Dec 1999 21:29:02 GMT
access-control-allow-origin: *
date: Thu, 26 Dec 2024 20:47:13 GMT
last-modified: Thu, 26 Dec 2024 20:47:13 GMT

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 76ms
75ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=95&bid=38787&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H3 200 err.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 103ms
102ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/err.gif?bid=38787&pid=739&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ssq=[ISV_SSQ]&err=erid&errv=405&errd=
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 mvplayer.min.js Show response
cdn1.moe.video/player/ Frame 2EE3 351 KB
92 KB 197ms
16ms Script
application/x-javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.moe.video/player/mvplayer.min.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d718128b47ed7b0d966cf4412577a48228794b67eeff61db113468dccba168f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-cached-since: 2024-12-26T20:31:25+00:00
cache: HIT
cache-control: max-age=43200
content-encoding: gzip
expires: Fri, 27 Dec 2024 08:47:13 GMT
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Thursday, 26-Dec-2024 20:31:25 GMT
x-node: am4-up-gc95

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 71ms
69ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=1&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=143838187&browser-info=we%3A1%3Aet%3A1735246034%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214713%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246034&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:13 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:13 GMT
x-xss-protection: 1; mode=block
last-modified: Thu, 26-Dec-2024 20:47:13 GMT
content-type: image/gif

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ Frame 2EE3 47 KB
47 KB 161ms
51ms Script
application/x-javascript 83.222.14.222
MASTERHOST-AS LLC...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.222.14.222 , Russian Federation, ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU),
Reverse DNS
Software: nginx /
Resource Hash: 507ae2ad536fedbdef871bbcf3c477ea08103556fa18fa4544951185f65c2826

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: max-age=3600
etag: "676d3010-bb51"
expires: Thu, 26 Dec 2024 21:47:13 GMT
accept-ranges: bytes
content-length: 47953
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Dec 2024 10:29:36 GMT
server: nginx

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame B743 43 B
298 B 51ms
51ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=78&bid=38787&pid=739&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSz84tC8IuXU&idntfy=VUf9hvCPZuAANkV&ssq=0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H/1.1 200
OK 1434682 Show response
ad.mail.ru/vast/ Frame 2EE3 60 B
423 B 68ms
67ms Fetch
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1434682?dl=hd.lordseriy.christmas&content_id=188396652776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:13 GMT
Content-Type: text/xml
Server: nginx

GET
H/1.1 200
OK 1434682 Show response
ad.mail.ru/vast/ Frame 2EE3 59 B
422 B 255ms
60ms Fetch
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1434682?dl=hd.lordseriy.christmas&content_id=188396652776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: text/xml
Server: nginx

GET
H/1.1 200
OK 993463 Show response
ad.mail.ru/vast/ Frame 2EE3 61 B
424 B 139ms
69ms Fetch
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/993463?rand=715509&sc=2776352&dl=hd.lordseriy.christmas&dd=1
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: text/xml
Server: nginx

GET
H/1.1 200
OK 988595 Show response
ad.mail.ru/vast/ Frame 2EE3 59 B
422 B 158ms
54ms Fetch
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/988595?rand=5784616&sc=2776352&dl=hd.lordseriy.christmas&dd=1
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: text/xml
Server: nginx

GET
H/1.1 200
OK 993463 Show response
ad.mail.ru/vast/ Frame 2EE3 59 B
422 B 194ms
54ms Fetch
text/xml 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/993463?rand=3472675&sc=2776352&dl=hd.lordseriy.christmas&dd=1
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: text/xml
Server: nginx

GET
H/1.1 200
OK json.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 2EE3 501 B
1 KB 142ms
46ms Fetch
application/json 195.209.109.11
ADRIVER LLC AdRiver

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&loc=https%3A%2F%2Fhd.lordseriy.christmas%2F&custom=308%3D1735246030519732062%3B309%3D0%3B310%3DcI7jr2SP06agLQhr8dr0T%3A1735246032360
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/AdRiverFPS.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.11 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: d5d3f27a8d3fe59aa6c8060a9ad0a381895f4cc51676e0ab57447603caa461af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: application/json

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://moevideo-sync.rutarget.ru/sync
https://rtb.moe.video/cs?b=5flcP_MzxoWQ&d=1

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?b=5flcP_MzxoWQ&d=1

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://rtb.moe.video/cs?b=5flcP_MzxoWQ&d=1
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Date: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx
Connection: close

GET
H/1.1 200
OK rle.cgi
ad.adriver.ru/cgi-bin/ Frame 2EE3 42 B
0 136ms
46ms Fetch
image/gif 195.209.109.11
ADRIVER LLC AdRiver

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.11 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: image/gif

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.bumlam.com/?src=mvn&uid=0c681268701b0bac356f
https://rtb.moe.video/cs?b=9430d806-c3ca-11ef-86e0-002590c0647c&d=3

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?b=9430d806-c3ca-11ef-86e0-002590c0647c&d=3

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location: https://rtb.moe.video/cs?b=9430d806-c3ca-11ef-86e0-002590c0647c&d=3
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Thu, 26 Dec 2024 20:47:13 GMT
Content-Type: text/html; charset=utf-8
Server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://kimberlite.io/rtb/sync/moevideo
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=5flcP_MzxoWQ
https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-store
location: https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc
Connection: keep-alive
access-control-allow-credentials: true
referrer-policy: no-referrer
access-control-allow-origin: *
server-timing: app;srv=s9;dur=0.0006
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://kimberlite.io/rtb/sync/moevideo
https://px.adhigh.net/p/cm/solta?u=Z23Az2Dd1cc
https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ
https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

0
0

65ms
44ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-store
location: https://rtb.moe.video/cs?d=4&b=Z23Az2Dd1cc
Connection: keep-alive
access-control-allow-credentials: true
referrer-policy: no-referrer
access-control-allow-origin: *
server-timing: app;srv=s11a;dur=0.0005
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D6%26b%3D%24%7BUUID%7D
https://rtb.moe.video/cs?d=6&b=15b76273-0e5d-4f72-6b22-51f68c73d6b7

0
0

46ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=6&b=15b76273-0e5d-4f72-6b22-51f68c73d6b7

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

location: https://rtb.moe.video/cs?d=6&b=15b76273-0e5d-4f72-6b22-51f68c73d6b7
content-length: 94
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D7%26b%3D%24%7BUSER_ID%7D
https://rtb.moe.video/cs?d=7&b=9165ef9a-67e1-5269-b9cd-53c0dea0930e

0
0

49ms
49ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=7&b=9165ef9a-67e1-5269-b9cd-53c0dea0930e

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
location: https://rtb.moe.video/cs?d=7&b=9165ef9a-67e1-5269-b9cd-53c0dea0930e
content-length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 2EE3 0
0 18ms
14ms Fetch 37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Show headers Download Go to

Full URL

https://dm-eu.hybrid.ai/match?id=117

Requested by

Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://hd.lordseriy.christmas
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0580
date: Thu, 26 Dec 2024 20:47:13 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://px.adhigh.net/p/cm/moevideo
https://rtb.moe.video/cs?d=9&b=xHjxiGPTgaI.AikABlGUBLkoiQ

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=9&b=xHjxiGPTgaI.AikABlGUBLkoiQ

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

x-backend-id: f16-ru
cache-control: no-cache, no-store
location: https://rtb.moe.video/cs?d=9&b=xHjxiGPTgaI.AikABlGUBLkoiQ
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.upravel.com/moevideo/sync
https://rtb.moe.video/cs?d=10&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=10&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
location: https://rtb.moe.video/cs?d=10&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6
access-control-allow-credentials: false
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=moevideo&id=0c681268701b0bac356f
https://vma.mts.ru/match/second?ssp=22&exu=0c681268701b0bac356f
https://cm.a.mts.ru/cm/tech?flowId=c128a652-29c1-46c5-aece-22212bde700f&measurement_id=MTS_DSP_web&dsp_uid=4e3a013e-68ff-4b12-875a-89173dbfe1f3&redirect_return_url=https%3A%2F%2Fredirect.frontend.w...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D22%26em%3D5%26ssp%3Dweborama%26id%3D%7BWEBO_CID%7D
https://vma.mts.ru/em?next=22&em=5&ssp=weborama&id=zHNpgJfaVvvQlmMwAQV9Bu
https://rtb.moe.video/cs?d=11&b=4e3a013e-68ff-4b12-875a-89173dbfe1f3

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=11&b=4e3a013e-68ff-4b12-875a-89173dbfe1f3

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Location: https://rtb.moe.video/cs?d=11&b=4e3a013e-68ff-4b12-875a-89173dbfe1f3
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Vary: Origin
Server: nginx
Access-Control-Allow-Headers: Origin

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.dmp.otm-r.com/match/moevideo
https://rtb.moe.video/cs?d=12&b=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

0
0

45ms
44ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=12&b=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

access-control-allow-origin: *
location: https://rtb.moe.video/cs?d=12&b=Njc2ZGMwY2QwZjcyMWZkNQ%3D%3D
content-length: 87
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 2EE3
Redirect Chain

https://sync.adspend.space/moevideo?uid=0c681268701b0bac356f
https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Dce62c442-7970-477b-b74e-9fa906abdf48%26i%3D64431682377785435%26r%3Dhttps%253A%252F%252Fprodmp...
https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=ce62c442-7970-477b-b74e-9fa906abdf48&i=64431682377785435&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Dce62c442-7970-477b...
https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=ce62c442-7970-477b-b74e-9fa906abdf48&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D13%26b%3Dce62c442-7970-477b-b74e-9fa906abdf48
https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=ce62c442-7970-477b-b74e-9fa906abdf48&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Dce62c442-7970-477b-b74e-9fa906abdf48...
https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=ce62c442-7970-477b-b74e-9fa906abdf48&i=1735246034446&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fce62c442-7970-477b-b74e-9fa906abdf48%3Fsig...
https://an.yandex.ru/mapuid/dmpmediadesk/ce62c442-7970-477b-b74e-9fa906abdf48?sign=1e1e3d48&location=https%3A%2F%2F1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru%2F%3Fr%3Dhttps%25253A%25252F%2...
https://1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228
https://top-fwz1.mail.ru/counter?id=3138228

43 B
0

53ms
53ms

Fetch
image/gif

95.163.52.67
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?id=3138228

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: image/gif
access-control-allow-headers: *
cache-control: private, no-cache, no-store, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 43
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3138228
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx/1.27.0
Connection: close

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://ssp.al-adtech.com/api/sync/myvideo
https://rtb.moe.video/cs?d=14&b=3875a1fc-4f14-4f9b-83fd-de202c192f50

0
0

45ms
44ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=14&b=3875a1fc-4f14-4f9b-83fd-de202c192f50

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

Location: https://rtb.moe.video/cs?d=14&b=3875a1fc-4f14-4f9b-83fd-de202c192f50
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Vary: Origin
Server: nginx/1.20.1

GET
H2

404

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://match.qtarget.tech/userbind?src=moevideo&id=0c681268701b0bac356f
https://const.uno/p.gif?p=35&id=&r=1&url=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D15%26b%3D
https://matching.mobilebanner.ru/p.gif?pid=target-https-qm&euid=&re=1&id=&rt=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D15%26b%3D
https://rtb.moe.video/cs?d=15&b=

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=15&b=

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
location: https://rtb.moe.video/cs?d=15&b=
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx
access-control-allow-credentials: true, true

GET
H/1.1

200
OK

getintent
kimberlite.io/rtb/sync/ Frame 2EE3
Redirect Chain

https://sync.programmatica.com/match/MoeVideo?id=0c681268701b0bac356f
https://kimberlite.io/rtb/sync/programmatica?u=NzNkM2Q4MTVmYjJiYmEyNQ
https://px.adhigh.net/p/cm/solta?u=Z23Az2Dd1cc
https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ

43 B
0

72ms
72ms

Fetch
image/gif

217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: *
server-timing: app;srv=s8;dur=0.0003
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

x-backend-id: f16-ru
cache-control: no-cache, no-store
location: https://kimberlite.io/rtb/sync/getintent?u=xHjxiGPTgaI.AikABlGUBLkoiQ
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx

GET
H2

404

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://match.new-programmatic.com/userbind?src=moevideo&id=0c681268701b0bac356f
https://rtb.moe.video/cs?d=19&b=

0
0

46ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=19&b=

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

Location: https://rtb.moe.video/cs?d=19&b=
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Vary: Origin
Server: nginx/1.22.1

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://www.acint.net/rmatch?dp=115&r=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D20%26b%3D%24%7BUSER_ID%7D
https://rtb.moe.video/cs?d=20&b=0400007FCEC06D675305E56C02F09BCD

0
0

50ms
50ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=20&b=0400007FCEC06D675305E56C02F09BCD

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://rtb.moe.video/cs?d=20&b=0400007FCEC06D675305E56C02F09BCD
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/html
server: openresty

GET
H2

200

match
ads.betweendigital.com/ Frame 2EE3
Redirect Chain

https://acint.net/cmatch?dp=115
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007FCEC06D675305E56C02F09BCD

68 B
0

25ms
24ms

Fetch
image/png

188.42.189.197
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007FCEC06D675305E56C02F09BCD
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: H2
Server: 188.42.189.197 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68

Redirect headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007FCEC06D675305E56C02F09BCD
content-length: 154
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/html
server: openresty

GET
H2 200 set
sync.rambler.ru/ Frame 2EE3 0
0 56ms
54ms Fetch 87.242.127.163
CLOUDRU-AS "Cloud...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.rambler.ru/set?partner_id=f14de6f1-fb82-4373-9a57-bf8347061ce2&id=0c681268701b0bac356f

Requested by

Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.upravel.com/moevideo_outstream/sync
https://rtb.moe.video/cs?d=22&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

0
0

46ms
46ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=22&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
location: https://rtb.moe.video/cs?d=22&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6
access-control-allow-credentials: false
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1

204
No Content

userbind
match.qtarget.tech/ Frame 2EE3
Redirect Chain

https://sync.opendsp.ru/match/Moevideo?id=0c681268701b0bac356f
https://mc.acint.net/cmatch?dp=226&euid=MjczYWMyZTMyOTg5ZTM0Nw
https://match.qtarget.tech/userbind?src=sape&id=0400007FCEC06D675305E56C02F09BCD

0
0

145ms
57ms

Fetch

95.163.92.180
DINET-AS LLC Digi...

General

Check archive.org

Show headers Download Go to

Full URL: https://match.qtarget.tech/userbind?src=sape&id=0400007FCEC06D675305E56C02F09BCD
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Server: 95.163.92.180 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 26 Dec 2024 20:47:14 GMT
Vary: Origin
Server: nginx/1.22.1
Connection: keep-alive
Access-Control-Allow-Credentials: true

Redirect headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://match.qtarget.tech/userbind?src=sape&id=0400007FCEC06D675305E56C02F09BCD
content-length: 154
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/html
server: openresty

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://a.adspector.io/sync?ssp=22
https://rtb.moe.video/cs?d=25&b=a259530f-6729-4e22-8d0f-4df6394ff7d0

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=25&b=a259530f-6729-4e22-8d0f-4df6394ff7d0

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nCUOapLvuqYzZKwbcAkPweGTTAl2bjvruPD3KXIQRG5jZbRMudDaw3acHp2N7JTv2ODUInbbk2Ix7T8zI7IuVbx8qMP20LGwWof%2FfFCyaKIVPQrxgEF12cqNr%2FtiSwqog%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20793&min_rtt=17271&rtt_var=7333&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6961&recv_bytes=5730&delivery_rate=14475&cwnd=12000&unsent_bytes=0&cid=be165314f738eeac&ts=2880&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:14 GMT
content-type: text/plain
vary: Origin
priority: u=1,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location: https://rtb.moe.video/cs?d=25&b=a259530f-6729-4e22-8d0f-4df6394ff7d0
access-control-allow-credentials: true
cf-ray: 8f83ecc08e063a52-FRA
content-length: 0
server: cloudflare

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://otclick-adv.ru/core/match.gif?s=54&reference=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D26%26b%3D%23%7BUID%7D
https://rtb.moe.video/cs?d=26&b=VUf9hvCPZuAANkV

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=26&b=VUf9hvCPZuAANkV

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
location: https://rtb.moe.video/cs?d=26&b=VUf9hvCPZuAANkV
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-length: 124
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx/1.27.0

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.techdsp.ru/sync?src=mvn&uid=0c681268701b0bac356f
https://x01.aidata.io/0.gif?pid=0914828&id=PFcosvbaT-qj18vUdp8AVg&dest=https%3A%2F%2Frtb.moe.video%2Fcs%3Fd%3D27%26b%3DPFcosvbaT-qj18vUdp8AVg
https://rtb.moe.video/cs?d=27&b=PFcosvbaT-qj18vUdp8AVg

0
0

45ms
45ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=27&b=PFcosvbaT-qj18vUdp8AVg

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
location: https://rtb.moe.video/cs?d=27&b=PFcosvbaT-qj18vUdp8AVg
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Thu, 26 Dec 2024 20:47:13 GMT
content-length: 0
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
date: Thu, 26 Dec 2024 20:47:14 GMT
last-modified: Thu, 26 Dec 2024 20:47:13 GMT
server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://sync.upravel.com/moevideo_nord/sync
https://rtb.moe.video/cs?d=28&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

0
0

44ms
44ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=28&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

access-control-expose-headers: Content-Length,Content-Range
location: https://rtb.moe.video/cs?d=28&b=fb19b462-1c8f-495b-9393-c17f0bbe89c6
access-control-allow-credentials: false
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK cm.gif Show response
ad.mail.ru/ Frame 2EE3 43 B
451 B 160ms
56ms Fetch
image/gif 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/cm.gif?p=170&id=0c681268701b0bac356f
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=3600
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy: same-origin
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Expires: Thu, 26 Dec 2024 21:47:14 GMT
Cross-Origin-Embedder-Policy: require-corp
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: image/gif
Last-Modified: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx

GET
H/1.1 200
OK cm.gif Show response
ad.mail.ru/ Frame 2EE3 43 B
452 B 162ms
56ms Fetch
image/gif 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/cm.gif?p=173&id=0c681268701b0bac356f
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=21600
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy: same-origin
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Expires: Fri, 27 Dec 2024 02:47:14 GMT
Cross-Origin-Embedder-Policy: require-corp
Content-Length: 43
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: image/gif
Last-Modified: Thu, 26 Dec 2024 20:47:14 GMT
Server: nginx

GET
H2

200

cs
rtb.moe.video/ Frame 2EE3
Redirect Chain

https://match.ohmy.bid/cm?ssp=mvban
https://rtb.moe.video/cs?d=31&b=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd

0
0

51ms
50ms

Fetch

46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.moe.video/cs?d=31&b=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd

Requested by

Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/

Protocol

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

location: https://rtb.moe.video/cs?d=31&b=575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd
bidder: bid-15 1.1744.42f7ffd6
content-length: 0
date: Thu, 26 Dec 2024 20:47:14 GMT
server: nginx
access-control-allow-credentials: true

GET
H/1.1 204
No Content rle.cgi
ev.adriver.ru/cgi-bin/ Frame 2EE3 0
210 B 46ms
45ms Image
text/plain 195.209.109.27
ADRIVER LLC AdRiver

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=774375&bt=21&cid=A0KVjyUHbA9ofDVoLF50CBA&custom=180=1&pass=A0KVjyUHbA9ofDVoLF50CBA
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.27 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Date: Thu, 26 Dec 2024 20:47:14 GMT
Pragma: no-cache;
Connection: keep-alive

GET
H/1.1 204
No Content rle.cgi
ev.adriver.ru/cgi-bin/ Frame 2EE3 0
210 B 92ms
47ms Image
text/plain 195.209.109.27
ADRIVER LLC AdRiver

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=790715&bt=21&cid=A0KVjyUHbA9ofDVoLF50CBA&custom=180=1&pass=ieyewvtkpfkuqysbhfxwmrcwn5gemnjqinbec---
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.27 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Date: Thu, 26 Dec 2024 20:47:14 GMT
Pragma: no-cache;
Connection: keep-alive

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame B743 0
0 72ms
71ms Fetch
application/octet-stream 2a00:1148:1000:101:8:3:0:17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=cI7jr2SP06agLQhr8dr0T
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 26 Dec 2024 22:47:14 GMT
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Thu, 26 Dec 2024 20:47:14 GMT
Content-Type: application/octet-stream
Server: nginx

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 65ms
63ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=2&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=704378355&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246035%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214714%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246035&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:14 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:14 GMT
last-modified: Thu, 26-Dec-2024 20:47:14 GMT
content-type: image/gif

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame B743 43 B
640 B 56ms
56ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=tech&event_name=ping&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=2&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246032.476-482776279&event_id=130660374802630&meta=%7B%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A236%2C%22current%22%3A0%7D%2C%22doscroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A86%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=1096212900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:17 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

GET
H2 200 reg
stat.adlook.me/ 0
44 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=daw6H4i8c5dDNGtFcAHKe1UO9Cjxr1zwH51oVnIe5rkHvme%2BKsZpYrvrECdyoUW97RDdrDpTdtcnY%2FipRWFfB2A%2F57rCcBy3vVbKIJPsSqJyZm61Nb60g5uUs%2FnvDnddr9FLrpm6NQNtLgC9cib6XKgBodsaMhD0L%2BxSx0aGiMWo0qVYxli00y%2B%2FXbUzeKYJdt8h5LL%2BpXOnxvCeo6Qy8pwt5BMgncEpTFbdr75Pyg3p1N6K9we6Qw%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524603908399325&_adlk_ts=173524603908399325
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:18 GMT
server: Microsoft-IIS/10.0

GET
H2 200 linear-vpaid-v1.js Show response
cdn.instreamvideo.ru/storage/linear/ Frame 8C13 165 KB
0 203ms
75ms Script
application/javascript 2a02:2d9:3:e::12
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:2d9:3:e::12 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),

Reverse DNS

Software

nginx/1.27.3 /

Resource Hash

f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-location-name: special-1
content-encoding: br
etag: W/"674d5e82-293df"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 07:15:14 GMT
server: nginx/1.27.3

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame 8C13 133 KB
0 214ms
19ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-amz-content-sha256: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count: 0
x-cdn-edge-id: 2315
x-cdn-edge-cache: HIT
x-cdn-request-id: 6f5acd9b0b4d0dca33aa4dab6285fa79
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag: W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id: 00000194045C6E5FA0E69CD4B28CF638
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 14:45:48 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H2 204 cmf
sp.ohmy.bid/ Frame 3ADD 0
0 22ms
22ms Document
text/plain 167.235.9.235
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.ohmy.bid/cmf?0.027435386337030243
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 167.235.9.235 Bühl, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.235.9.235.167.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://hd.lordseriy.christmas/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
bidder: bid-28 1.1744.42f7ffd6
date: Thu, 26 Dec 2024 20:47:19 GMT
server: nginx

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame 8C13 155 KB
0 109ms
108ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 black.jpg
inplayer.ru/video/ Frame 8C13 2 KB
0 414ms
52ms Image
image/jpeg 2a02:2d9:3:e::32
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inplayer.ru/video/black.jpg
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::32 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1927
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/jpeg
last-modified: Thu, 10 May 2018 09:19:36 GMT
server: nginx/1.27.2

GET
H3 200 ads.xml Show response
instreamvideo.ru/c/ Frame 8C13 0
365 B 120ms
119ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=739&vr=1&rid=638708536306144855&ss=SSsWSS6sn0OZ&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:19 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame 8C13 43 B
415 B 63ms
62ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:19 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/ Frame 8C13 43 B
415 B 62ms
61ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:19 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame 8C13 43 B
639 B 57ms
57ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=3&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246039.122-365119938&event_id=488860391238956&meta=%7B%22title%22%3A%22%22%2C%22referer%22%3A%22https%3A%2F%2Fhd.lordseriy.christmas%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22420x236%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22nl-NL%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-60%22%7D&rn=1595272242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:19 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=HM3uaWD08E%2F%2B2G2TQhGAirj8cJm7E8EXVWSGiF375obpUd3%2FanEEPDnVS0Hp%2BvxVGGdmGTkGvPQow7kpUMmUjBW%2FP2guKwBykok2EZ%2F14bCur4UEnWmLAd9pNWcC2UfEzIqgxmx0uaPtRMFtuzJ6hbBoVZMEQYBxLSEk%2BdVqyn6m0f6g5ACxv824ibWAXkahms1Vcs1FQEbpWOcnEW%2BLxeIVNxj9bm0sp%2B0oOxsk3l7Cl1qjoN7Wsw%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524604062773787&_adlk_ts=173524604062773787
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:19 GMT
server: Microsoft-IIS/10.0

GET
H2 200 linear-vpaid-v1.js Show response
cdn.instreamvideo.ru/storage/linear/ Frame 69E8 165 KB
0 203ms
75ms Script
application/javascript 2a02:2d9:3:e::12
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:2d9:3:e::12 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),

Reverse DNS

Software

nginx/1.27.3 /

Resource Hash

f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-location-name: special-1
content-encoding: br
etag: W/"674d5e82-293df"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 07:15:14 GMT
server: nginx/1.27.3

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame 69E8 133 KB
0 214ms
19ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-amz-content-sha256: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count: 0
x-cdn-edge-id: 2315
x-cdn-edge-cache: HIT
x-cdn-request-id: 6f5acd9b0b4d0dca33aa4dab6285fa79
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag: W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id: 00000194045C6E5FA0E69CD4B28CF638
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 14:45:48 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame 69E8 43 B
415 B 65ms
65ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:20 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/ Frame 69E8 43 B
415 B 66ms
66ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

Requested by

Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:20 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame 69E8 155 KB
0 109ms
108ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 black.jpg
inplayer.ru/video/ Frame 69E8 2 KB
0 414ms
52ms Image
image/jpeg 2a02:2d9:3:e::32
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inplayer.ru/video/black.jpg
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::32 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1927
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/jpeg
last-modified: Thu, 10 May 2018 09:19:36 GMT
server: nginx/1.27.2

GET
H3 200 ads.xml Show response
instreamvideo.ru/c/ Frame 69E8 13 KB
3 KB 2213ms
2213ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=741&vr=1&rid=638708536306150298&ss=SSq2SoFUAsmh&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: f4f1ed7df1f4e0ef3c1b76edf432b83d4281fcff90abf35c9787113d24dcd78b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:20 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame 69E8 43 B
640 B 55ms
55ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=4&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246040.656-1747486370&event_id=207360406575318&meta=%7B%22title%22%3A%22%22%2C%22referer%22%3A%22https%3A%2F%2Fhd.lordseriy.christmas%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22420x236%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22nl-NL%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-60%22%7D&rn=96980592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:20 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 69ms
68ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=3&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=315054981&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246041%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214720%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246041&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:20 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:20 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:20 GMT

GET
H3 200 501998_1711094005.webp
hd.lordseriy.christmas/uploads/posts/2024-03/ 69 KB
70 KB 138ms
137ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-03/501998_1711094005.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f27f5acf4fbe1b7827472d070dbc4a1f592213b81aa051351ec71c627139f20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61tAZbVCIgFJeZM4PkMMoj7M9ddLlaE4pRbv5vNomM3iyFZhVj%2Bg%2FfSquy0HZSWG5rbd2RpylEMIVd9Wz%2BsmXmC6w6sgLE3IGtq%2BqNJk554lwB880S0sGf2KrY%2FdOzIhwNqEpcE%2Bcs%2Bh"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ecf5fdf49f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19006&min_rtt=17651&rtt_var=811&sent=3623&recv=260&lost=0&retrans=0&sent_bytes=4239297&recv_bytes=38891&delivery_rate=58582&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=13291&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 70802
date: Thu, 26 Dec 2024 20:47:22 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:30 GMT
vary: Accept-Encoding
priority: u=3,i

GET
H2 200 ads.xml Show response
mediatoday.ru/c/ Frame 69E8 12 B
589 B 156ms
156ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://mediatoday.ru/c/ads.xml?pid=9525&vr=1&rid=638708536306150298&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:22 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame 69E8 43 B
298 B 82ms
82ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39247&pid=741&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSq2SoFUAsmh&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:22 GMT
content-type: image/gif
server: nginx/1.27.1

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 65ms
63ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=4&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=55635080&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246043%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214722%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246043&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:22 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:22 GMT
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:22 GMT

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=jNkjkOqyctHuaJLJGhONsWcwttxVzO3ThwqhJWmGch5pzYXhEhHvBllrv2YlZ3dF3%2FKoiWBzmtK0KpV%2B4TzunhVu1fa5amSzfuQ18hYRCiIvwDuGEw7D8Yek62zr1lQKUtR%2FtY1hFIyDN1vQ%2BnPfe4nVgETwI9gnZMShjJt9ED1IESvGkD8ufIL7VN76%2Bgj6B1mwGdF%2F72aCPNK1oPwV92Cmm8wbMI95mY2hsk9wRUylHPmgT8f5MQ%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=17352460443173727&_adlk_ts=17352460443173727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:23 GMT
server: Microsoft-IIS/10.0

GET
H2 200 linear-vpaid-v1.js Show response
cdn.instreamvideo.ru/storage/linear/ Frame E29E 165 KB
0 0ms
0ms Script
application/javascript 2a02:2d9:3:e::12
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::12 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.3 /
Resource Hash: f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-location-name: special-1
content-encoding: br
etag: W/"674d5e82-293df"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 07:15:14 GMT
server: nginx/1.27.3

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame E29E 133 KB
0 0ms
0ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-amz-content-sha256: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count: 0
x-cdn-edge-id: 2315
x-cdn-edge-cache: HIT
x-cdn-request-id: 6f5acd9b0b4d0dca33aa4dab6285fa79
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag: W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id: 00000194045C6E5FA0E69CD4B28CF638
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 14:45:48 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame E29E 155 KB
0 1ms
1ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 black.jpg
inplayer.ru/video/ Frame E29E 2 KB
0 1ms
1ms Image
image/jpeg 2a02:2d9:3:e::32
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inplayer.ru/video/black.jpg
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::32 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1927
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/jpeg
last-modified: Thu, 10 May 2018 09:19:36 GMT
server: nginx/1.27.2

GET
H3 200 ads.xml Show response
instreamvideo.ru/c/ Frame E29E 13 KB
3 KB 1919ms
1919ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=741&vr=1&rid=638708536306154211&ss=SSieey317s6Q&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: fd05299a610e78152f005ce7de9bfd5859d8fb1e5dddd9c130ff613fde24bf83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:24 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame E29E 43 B
415 B 69ms
67ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:24 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/ Frame E29E 43 B
415 B 70ms
68ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:24 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame E29E 43 B
640 B 55ms
55ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=5&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246044.351-421853889&event_id=816760443529257&meta=%7B%22title%22%3A%22%22%2C%22referer%22%3A%22https%3A%2F%2Fhd.lordseriy.christmas%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22420x236%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22nl-NL%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-60%22%7D&rn=249361725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:24 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 68ms
67ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=5&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=1065272061&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246045%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214724%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246045&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:24 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:24 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:24 GMT

POST
H2 200 1
mc.yandex.com/watch/99270249/ 43 B
503 B 68ms
67ms Ping
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/99270249/1?page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&hittoken=1735246030_c990e5459aa5afe64651572286f4bc72cc910ffb655383a0340854c3da6c3866&browser-info=nb%3A1%3Acl%3A415%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A794929952921%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214725%3Aet%3A1735246045%3Ac%3A1%3Arn%3A288024414%3Arqn%3A2%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C0%2C1233%2C1233%2C0%2C981%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246045&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)dss(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:25 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:25 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:25 GMT

POST
H2 200 1
mc.yandex.com/watch/93399771/ 43 B
74 B 66ms
66ms Ping
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/93399771/1?page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&charset=utf-8&hittoken=1735246030_497f5aeccd09c4537456c340a632df58b3a8255aa0d302989f3859d984cc8727&browser-info=nb%3A1%3Acl%3A73%3Aar%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A1%3Als%3A616535466686%3Ahid%3A80971784%3Az%3A60%3Ai%3A20241226214725%3Aet%3A1735246046%3Ac%3A1%3Arn%3A559068473%3Arqn%3A3%3Au%3A1735246030519732062%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1735246029340%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1735246046&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(3)aw(1)rcm(1)cdl(na)eco(42009088)dss(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:25 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:25 GMT
last-modified: Thu, 26-Dec-2024 20:47:25 GMT
content-type: image/gif

GET
H3 200 ads.xml Show response
mediatoday.ru/c/ Frame E29E 12 B
380 B 77ms
77ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://mediatoday.ru/c/ads.xml?pid=9525&vr=1&rid=638708536306154211&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:26 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H3 200 e.gif
instreamvideo.ru/c/ Frame E29E 43 B
298 B 68ms
68ms Image
image/gif 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://instreamvideo.ru/c/e.gif?eid=94&bid=39247&pid=741&ll=https%3A%2F%2Fhd.lordseriy.christmas%2F&pw=420&ph=236&ow=0&oh=0&sw=0&sh=0&pd=0&ss=SSieey317s6Q&idntfy=VUf9hvCPZuAANkV
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:26 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=eivkgvOm%2BFW4r2l6GkIpz8PnxrUjIJCjvk70rJZBeG2IfBZohcwFX65I9XCk9f35Wq8E5vKZMx4%2F%2FUsnp0CtldWNXmfcdVF0MP6urMluiYfhpwiMMJBjrxCtzvXkpLrWZUIglUHTM8pMQYFSNkS7KGTo17VI4jmeip7ZWtvc5CekOY89gE0tOqfgEjsvDW8VNjpPA7e2zmDeXHpRKdPndqdIlswBT87O6sLltRsIuc%2FAl3aAWNGe1w%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524604763930597&_adlk_ts=173524604763930597
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:26 GMT
server: Microsoft-IIS/10.0

GET
H2 200 linear-vpaid-v1.js Show response
cdn.instreamvideo.ru/storage/linear/ Frame C66E 165 KB
0 0ms
0ms Script
application/javascript 2a02:2d9:3:e::12
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::12 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.3 /
Resource Hash: f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-location-name: special-1
content-encoding: br
etag: W/"674d5e82-293df"
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
date: Thu, 26 Dec 2024 20:47:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 02 Dec 2024 07:15:14 GMT
server: nginx/1.27.3

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame C66E 133 KB
0 0ms
0ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-amz-content-sha256: cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count: 0
x-cdn-edge-id: 2315
x-cdn-edge-cache: HIT
x-cdn-request-id: 6f5acd9b0b4d0dca33aa4dab6285fa79
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag: W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id: 00000194045C6E5FA0E69CD4B28CF638
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: application/javascript
last-modified: Thu, 19 Dec 2024 14:45:48 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame C66E 155 KB
0 1ms
1ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 black.jpg
inplayer.ru/video/ Frame C66E 2 KB
0 2ms
2ms Image
image/jpeg 2a02:2d9:3:e::32
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inplayer.ru/video/black.jpg
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:2d9:3:e::32 , United Kingdom, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "5af40ea8-787"
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1927
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: image/jpeg
last-modified: Thu, 10 May 2018 09:19:36 GMT
server: nginx/1.27.2

GET
H3 200 ads.xml Show response
instreamvideo.ru/c/ Frame C66E 0
365 B 127ms
127ms XHR
text/xml 87.245.192.100
RETNRU-AS JSC "Re...

General

Check archive.org

Show headers Download Go to

Full URL: https://instreamvideo.ru/c/ads.xml?pid=734&vr=1&rid=638708536306166837&ss=SS5Vufw9IR3S&idntfy=VUf9hvCPZuAANkV&pw=420&ph=236&dl=https%3A%2F%2Fhd.lordseriy.christmas%2F&dc=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn.instreamvideo.ru
URL: https://cdn.instreamvideo.ru/storage/linear/linear-vpaid-v1.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 87.245.192.100 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv30.mt.viaprog.eu
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: origin-when-cross-origin
expires: Thursday, 01-Jan-1970 00:00:00 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
date: Thu, 26 Dec 2024 20:47:27 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.27.1

GET
H2 200 /
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/ Frame C66E 43 B
415 B 85ms
83ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100103-posid2155078/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:27 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 tmsec=rambler_cid1100106-posid2155081
www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/ Frame C66E 43 B
415 B 86ms
83ms Image
image/gif 2001:6d0:4001::226
ADFACT JSC ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid1100106-posid2155081

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT JSC ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=2678400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-length: 43
date: Thu, 26 Dec 2024 20:47:27 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ Frame C66E 43 B
639 B 55ms
55ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7627570&session_id=57827816_1735246032477&session_number=1&session_event_number=6&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7627570.2027199106.1735246032476&adtech_uid=28316ae1-3eb2-4f89-b307-11526ef0f10a&adtech_uid_scope=lordseriy.christmas&fingerprint_ip=pA8AAENKs1cOuH7NAZvzAAA%3D&ym_uid=1735246030519732062&url=https%3A%2F%2Fhd.lordseriy.christmas%2F&request_id=1735246047.678-200177573&event_id=829060476799298&meta=%7B%22title%22%3A%22%22%2C%22referer%22%3A%22https%3A%2F%2Fhd.lordseriy.christmas%2F%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%22420x236%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22nl-NL%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-60%22%7D&rn=105920304

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb: t100-exd
content-length: 43
date: Thu, 26 Dec 2024 20:47:27 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 65ms
64ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=6&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=708201999&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246049%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214728%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246049&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:28 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:28 GMT
last-modified: Thu, 26-Dec-2024 20:47:28 GMT
content-type: image/gif

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=j1Z2yqKgw5Wi8zIDb40O4gJ0kQKJB8cVrpfLdM7uPtrzEnN4akUoZZGLYipIRaT%2FKnQAKJr6vY8fnd71NuCOPdxXyAciEmnqdLCuWjNEo4A%2F2zRRupup6wQCpoRK8OFaBv1NrkMBRkQDp7RPKNuT5DP7RE8vFfZdLIoIanNA7AcUWOFwZbc2LiuJT5ytPs1SdcYeH1w%2FDq2FqpvX81gBUymXg95kmU5D2i8zEnSV8SwWisZEQ3mCZw%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524604919075961&_adlk_ts=173524604919075961
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:28 GMT
server: Microsoft-IIS/10.0

GET
H2 200 mvplayer.min.js Show response
cdn1.moe.video/player/ Frame 355F 351 KB
0 0ms
0ms Script
application/x-javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.moe.video/player/mvplayer.min.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d718128b47ed7b0d966cf4412577a48228794b67eeff61db113468dccba168f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-cached-since: 2024-12-26T20:31:25+00:00
cache: HIT
cache-control: max-age=43200
content-encoding: gzip
expires: Fri, 27 Dec 2024 08:47:13 GMT
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Thursday, 26-Dec-2024 20:31:25 GMT
x-node: am4-up-gc95

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ Frame 355F 47 KB
0 0ms
0ms Script
application/x-javascript 83.222.14.222
MASTERHOST-AS LLC...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 83.222.14.222 , Russian Federation, ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU),
Reverse DNS
Software: nginx /
Resource Hash: 507ae2ad536fedbdef871bbcf3c477ea08103556fa18fa4544951185f65c2826

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: max-age=3600
etag: "676d3010-bb51"
expires: Thu, 26 Dec 2024 21:47:13 GMT
accept-ranges: bytes
content-length: 47953
date: Thu, 26 Dec 2024 20:47:13 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Dec 2024 10:29:36 GMT
server: nginx

GET
H2 200 197143 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 62ms
59ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/197143?pr=8757815&sc=2776352&dl=hd.lordseriy.christmas&content_id=27723982776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 1061630 Show response
ad.mail.ru/vast/ Frame 355F 60 B
268 B 69ms
68ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1061630?pr=5783535&sc=2776352&dl=hd.lordseriy.christmas&content_id=129923942776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H3 200 Bx3q-DrgJxNAfuVVPjmYDjME8to-hCCi5szsch3dVSM.xml Show response
sdk.adspector.io/vpaid/ Frame 355F 1 KB
1 KB 44ms
35ms Fetch
text/xml 172.67.161.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adspector.io/vpaid/Bx3q-DrgJxNAfuVVPjmYDjME8to-hCCi5szsch3dVSM.xml
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070132d8a3321b799712a5a6bd48620d5e2e4f51d587a3d3de449846909b6f87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"676aced0-407"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68eU834ai6n8CculBoiOZPuMJBSvhrRGxMg8I7saTzr0JnuKkJ7teeMMWg1H0DDOosJX3mDQpsuH%2Bj29dqDNvQcMxN7alG9esgFnbfodxUjat0Zm0Xn65MgNqTZ1zTC%2BuWr5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21882&min_rtt=17271&rtt_var=7678&sent=19&recv=17&lost=0&retrans=0&sent_bytes=7789&recv_bytes=6209&delivery_rate=14750&cwnd=12000&unsent_bytes=0&cid=be165314f738eeac&ts=18397&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
last-modified: Tue, 24 Dec 2024 15:10:08 GMT
vary: Origin
priority: u=1,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f83ed217ddc3a52-FRA
access-control-allow-origin: https://hd.lordseriy.christmas
server: cloudflare

GET
H/1.1 200
OK moevideo_vast_new Show response
kimberlite.io/rtb/bid/vast/ Frame 355F 123 B
516 B 228ms
227ms Fetch
text/xml 217.199.220.43
NETRACK-AS Start LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://kimberlite.io/rtb/bid/vast/moevideo_vast_new
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 217.199.220.43 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: s3.kimberlite.io
Software: nginx /
Resource Hash: 7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
server-timing: app;srv=s8a;dur=0.1565
Content-Length: 123
Date: Thu, 26 Dec 2024 20:47:29 GMT
Content-Type: text/xml
Server: nginx

GET
H2 200 174627 Show response
ad.mail.ru/vast/ Frame 355F 59 B
268 B 55ms
54ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/174627?rand=3917595&sc=2776352&dl=hd.lordseriy.christmas
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 1434682 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 56ms
54ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1434682?dl=hd.lordseriy.christmas&content_id=188396652776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 pl15526 Show response
ssp.bidvol.com/vast/ Frame 355F 27 B
503 B 324ms
232ms Fetch
text/xml 65.109.111.89
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl15526?domain=hd.lordseriy.christmas&page=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 65.109.111.89 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.89.111.109.65.clients.your-server.de
Software: nginx/1.22.0 /
Resource Hash: fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

surrogate-control: no-store
x-request-id: 20180653-f05e-43da-b07f-230ec3d2ad30
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 27
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml; charset=utf-8
server: nginx/1.22.0

GET
H2 200 1434682 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 112ms
53ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/1434682?dl=hd.lordseriy.christmas&content_id=188396652776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 988595 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 55ms
54ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/988595?rand=2465400&sc=2776352&dl=hd.lordseriy.christmas&dd=1
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 204 moevideo-lowprice-bid Show response
bid.adx.com.ru/ Frame 355F 0
118 B 300ms
53ms Fetch 83.222.105.230
MNOGOBYTE-AS Mnog...

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.adx.com.ru/moevideo-lowprice-bid?vpaid=true&referer=hd.lordseriy.christmas
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 83.222.105.230 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU),
Reverse DNS
Software: nginx/1.26.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
server: nginx/1.26.0
access-control-allow-credentials: true

GET
H2 204 moevideo-vast-midprice-bid Show response
bid.adx.com.ru/ Frame 355F 0
117 B 300ms
54ms Fetch 83.222.105.230
MNOGOBYTE-AS Mnog...

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.adx.com.ru/moevideo-vast-midprice-bid?vpaid=true&referer=hd.lordseriy.christmas
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 83.222.105.230 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU),
Reverse DNS
Software: nginx/1.26.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
server: nginx/1.26.0
access-control-allow-credentials: true

GET
H/1.1 204
No Content 6716655db13381b469b0cdb6 Show response
ssp.al-adtech.com/api/vast/ Frame 355F 0
225 B 57ms
56ms Fetch 45.139.25.118
PROCLOUD KVIKTEL LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.al-adtech.com/api/vast/6716655db13381b469b0cdb6?domain=hd.lordseriy.christmas&placementtype=5
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.139.25.118 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Access-Control-Allow-Origin: https://hd.lordseriy.christmas
Date: Thu, 26 Dec 2024 20:47:29 GMT
Vary: Origin
Server: nginx/1.20.1
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 362146 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 60ms
59ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=6104567&sc=2776352&dl=hd.lordseriy.christmas&content_id=28898852776352
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 993463 Show response
ad.mail.ru/vast/ Frame 355F 59 B
267 B 57ms
57ms Fetch
text/xml 95.163.41.56
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/993463?rand=560948&sc=2776352&dl=hd.lordseriy.christmas&dd=1
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r.mail.ru
Software: nginx /
Resource Hash: a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

cache-control: private, no-cache, no-store
timing-allow-origin: *
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/xml
server: nginx

GET
H2 200 wrapper.vpaid.js Show response
cdn3.moe.video/adspector/ Frame FD58 9 KB
3 KB 171ms
14ms Script
application/x-javascript 5.101.37.37
EdgeAmLLC "EDGEAM...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.moe.video/adspector/wrapper.vpaid.js
Requested by: Host: cdn1.moe.video
URL: https://cdn1.moe.video/player/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ae2d1b77848448cd8b8415517eaa913063281b4ca88f1608ccc8341e5380d650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-cached-since: 2024-12-26T20:03:10+00:00
cache: HIT
cache-control: max-age=345600
content-encoding: gzip
access-control-allow-credentials: true
expires: Mon, 30 Dec 2024 20:47:29 GMT
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: application/x-javascript
vary: Accept-Encoding
server: nginx
last-modified: Thursday, 26-Dec-2024 20:03:10 GMT
x-node: am4-up-gc95

GET
H3 200 ubundle.js Show response
sdk.adspector.io/vpaidp/ Frame FD58 142 KB
46 KB 28ms
28ms Script
application/javascript 172.67.161.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adspector.io/vpaidp/ubundle.js
Requested by: Host: cdn3.moe.video
URL: https://cdn3.moe.video/adspector/wrapper.vpaid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbe41e526cbbf9bf73db6aa626adda114759637e9a16f6f81667c375ddb698a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"6749ac45-239ce"
age: 3718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20EGJQ0xSO68V06aaXcnWc2cbMvOryjcJb0QfYaTOEeoWpbMV%2BK2Cya7p4242ide%2BnXs8yF7WrJStdW00AE%2FFBn28Jo2gdKIPpxIWKEexJnhE3nIMfnD5PNl%2FPby9xr8JCcs"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23292&min_rtt=17271&rtt_var=8577&sent=22&recv=19&lost=0&retrans=0&sent_bytes=9098&recv_bytes=6581&delivery_rate=38754&cwnd=12000&unsent_bytes=0&cid=be165314f738eeac&ts=18606&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 11:57:57 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f83ed22dece3a52-FRA
server: cloudflare

OPTIONS
H3 204 ctx
a.adspector.io/ Frame 0
0 55ms
34ms Preflight
text/plain 172.67.161.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adspector.io/ctx?vid=Bx3q-DrgJxNAfuVVPjmYDjME8to-hCCi5szsch3dVSM&origin=https%3A%2F%2Fhd.lordseriy.christmas&origins=https%3A%2F%2Fhd.lordseriy.christmas*https%3A%2F%2Fhd.lordseriy.christmas&width=0&height=0&v=2.1.6&h=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hd.lordseriy.christmas
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,cf-ipcountry
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://hd.lordseriy.christmas
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f83ed236c1b2bd6-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 26 Dec 2024 20:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Klwu4xqFQBeVVtHU9bi4WmH8zd%2FLTzx1b2cLqsYpXAEaflNsmKjgBk1oCkp0%2BpioTkTB6uhOw5h7Qg0S1aFjg5oJk8vS9rQSiQka5XQUNBPgqEWlRaZdwdUnklp3gAu6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=17996&min_rtt=17993&rtt_var=6753&sent=9&recv=6&lost=0&retrans=0&sent_bytes=2232&recv_bytes=4198&delivery_rate=78678&cwnd=12000&unsent_bytes=0&cid=86f70b6b4b78ac74&ts=36&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 429 ctx Show response
a.adspector.io/ Frame FD58 0
765 B 36ms
35ms XHR
text/plain 172.67.161.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adspector.io/ctx?vid=Bx3q-DrgJxNAfuVVPjmYDjME8to-hCCi5szsch3dVSM&origin=https%3A%2F%2Fhd.lordseriy.christmas&origins=https%3A%2F%2Fhd.lordseriy.christmas*https%3A%2F%2Fhd.lordseriy.christmas&width=0&height=0&v=2.1.6&h=
Requested by: Host: sdk.adspector.io
URL: https://sdk.adspector.io/vpaidp/ubundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.161.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json; charset=utf-8
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6339ItCx%2BdnZDBGq3PrYz9tQXEALTOOS82Ljt1NRaIWBs4LuyF97xzyOYxKJtdLPMJ72QS%2FRj4M6U8okkBexuiDv8xscIBsfGxo8QsHyaJ1sLVJhW7Uqv945Mt2FYFPzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18629&min_rtt=17271&rtt_var=1813&sent=66&recv=41&lost=0&retrans=0&sent_bytes=57710&recv_bytes=8035&delivery_rate=1084177&cwnd=40800&unsent_bytes=0&cid=be165314f738eeac&ts=18745&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 20:47:29 GMT
content-type: text/plain
priority: u=1,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
x-error: limit
cf-ray: 8f83ed23af783a52-FRA
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 0
server: cloudflare

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 68ms
67ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=7&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=445334533&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246051%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214730%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246051&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:30 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:30 GMT
last-modified: Thu, 26-Dec-2024 20:47:30 GMT
content-type: image/gif

GET
H3 200 4640303_1733915844.webp
hd.lordseriy.christmas/uploads/posts/2024-12/ 68 KB
68 KB 86ms
86ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hd.lordseriy.christmas/uploads/posts/2024-12/4640303_1733915844.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1db39b6771a9fbb95394aa916d09558442747821d5d9611c5235091737a1b77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d1oWaXzuy9rZ8I0YzIgUOiziLHgCCseWp2DNUT79jrZIFkgPj4NhfGY54%2FL8Fe012MaP%2Fn%2B15sU5l%2FHvnmPv8wO%2FlrztyNbgvpYO8RL4wfPXQzTD8jU9tGYxk9w28RIsnEOhS5ctd53"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f83ed407b759f36-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19276&min_rtt=17651&rtt_var=658&sent=3685&recv=267&lost=0&retrans=0&sent_bytes=4312436&recv_bytes=40263&delivery_rate=539618&cwnd=525600&unsent_bytes=0&cid=7fdac26912339378&ts=25156&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 69382
date: Thu, 26 Dec 2024 20:47:34 GMT
content-type: image/webp
last-modified: Sun, 15 Dec 2024 05:43:34 GMT
vary: Accept-Encoding
priority: u=3,i

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 70ms
69ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=8&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=18470522&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246055%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214734%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246055&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:34 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:34 GMT
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:34 GMT

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=zoPOSdavZGEGh5qW6han1HD9v5DpmLmYSLpT%2BPRdJbaZfAWJcjyWNeaJD1ARGC7k9CRp7a3ODtY8qhTua6CabM0BCQ%2FqctGjyDsuzfnCn2H8PGIVL2cBB0TstI2VAXKhxleHcHHxXII3%2FGiSicAAPC91eSGkdTqpYuydUKE1K2lb8jtCUJwvmQKSy%2FtQWlcxxiWOsqKC2CoMZRXT5ZcFnFIpgK3IX1B8odxK6SVQdA6TZD5JdXkTAA%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605546620544&_adlk_ts=173524605546620544
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:34 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=oif1twe6tToe9okJgoZG2hAQm%2BgJuE755GdGv9gvVHFaMmgAEvV5UmA8AQlq2i7PxHtU7jsNOOItVLdD1mmTIBMXGKehXBkgkXvMH0ZkgZwV616hdYr%2FTwglAdYIYFiLheil%2FlwdTCnySvnnqE1GlkpWdS9d4CjQI%2FSjWGWExhK1BZsktgOG65WZ2j7TAnewCUsD1N6Kj4TYV6SdPEADSAVjUr95p0pC0axFGIBfAm%2FQJ6IJhZcPnQ%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605546634318&_adlk_ts=173524605546634318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:34 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp-vk.js Show response
cdn.adlook.me/js/ Frame 76DB 20 KB
6 KB 56ms
56ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp-vk.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 1c82f40d83012f64efaed45cb80e6aa206d7c89b8df0a8d41ea890cff5f8e3fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "07ff3daa43adb1:0"
accept-ranges: bytes
content-length: 6417
date: Thu, 26 Dec 2024 20:47:35 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 19 Nov 2024 17:02:46 GMT
server: nginx
x-cached-since: 2024-12-26T20:43:17+00:00
vary: Accept-Encoding

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame 3241 155 KB
0 0ms
0ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp-vk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H/1.1 200
OK vk-adman.js Show response
ad.mail.ru/static/ Frame 3241 236 KB
62 KB 218ms
112ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/vk-adman.js
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2d6b347dfe5bacf35d249d6552d1722cddb95ce7ca212fa74c7847dce4406352

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:35 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:35 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=m2AjqQo2CLtKLzTXzj2dz8Vr1MDgROWKB4W6mEvoXO2bjr8Ivt74G1JTZFaPG9ewpZYYYAwIskjav2r3sPmpfeJWWIXLN0f64nOWIyBO7DkJaYqEIP3M%2BaqF2FKqU2IjVfJw5AYrUf4Hc4QjLYxw66Ihgezk0X8MKqTRhIWCUOLH82ZPaa0WmtEZLrMHyEc2N%2FujGXpHkMtmKH83qfszxMAXfTOUL576%2FTE%2FFOlrB4jhtbFsOWD8%2BwJSUD0%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605564176253&_adlk_ts=173524605564176253
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:34 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=6gmfFShi8OJLfcwQVRgaKODVkTEyTC2pK6NWPM71rHBRcZ%2FUh1cPo8m94x2OjegltJLOOvzBjfpwIWfxbOnRBhJF6nsOGQ3biJ2x71u0yKgkoN%2B65%2Fkanf2Co90mb8Sy8nGpK5qNbU%2F5%2F9qKUnKYFIsxRAC6wqv0Am5IKU9boSa%2BIfpNuS2%2FANo8JGcGVJ4WheYFoj%2FczstsXB4orPKDkWXiXWvZ17Ag63SdDxCKcZuZgigW&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605564298182&_adlk_ts=173524605564298182
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:34 GMT
server: Microsoft-IIS/10.0

POST
H/1.1 200
OK tech
ad.mail.ru/adman3/stats/ Frame 3241 0
0 154ms
52ms Fetch
application/octet-stream 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adman3/stats/tech
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/octet-stream
Server: nginx
Connection: keep-alive

HEAD render-runner.js
ad.mail.ru/static/ Frame 3241 0
0

POST tech
ad.mail.ru/adman3/stats/ Frame 3241 0
0

GET
H/1.1 200
OK 1491097 Show response
ad.mail.ru/vp/ Frame 3241 0
481 B 78ms
78ms Fetch
application/json 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vp/1491097?version=3.2.19&app_name=adman3&plu=https%3A%2F%2Fhd.lordseriy.christmas%2F&fpid=cI7jr2SP06agLQhr8dr0T&targetRef=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Thu, 26 Dec 2024 20:47:35 GMT
Content-Type: application/json; charset=utf-8
Server: nginx

POST tech
ad.mail.ru/adman3/stats/ Frame 3241 0
0

GET
H2 200 reg
stat.adlook.me/ 0
44 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=9kOsdd7L7bHuLbsJnHF72iq65kz%2FxisiVvWbb8NGg9MxOYdGBPVVIrfwEUM4hysZU13m33gU7IEAfy2mB1gQOHN%2Fof2VOpQQzo%2FhWBOjqjZHjGVZt4SMwoJ0sSPDqlBWA8JcXzr9fu7xQwIj2bbJONnxBjAaRh7OIsoA096%2BxDwC9N7m0vbK%2BlI0sv87y1ljOajE4epXX41gjTl4OLyTxzTNA7chx2VRXIBNS8W6ixF9T1YBFsbw4g%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605609638638&_adlk_ts=173524605609638638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp-vk.js Show response
cdn.adlook.me/js/ Frame 3144 20 KB
0 56ms
56ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp-vk.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 1c82f40d83012f64efaed45cb80e6aa206d7c89b8df0a8d41ea890cff5f8e3fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "07ff3daa43adb1:0"
accept-ranges: bytes
content-length: 6417
date: Thu, 26 Dec 2024 20:47:35 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 19 Nov 2024 17:02:46 GMT
server: nginx
x-cached-since: 2024-12-26T20:43:17+00:00
vary: Accept-Encoding

GET
H/1.1 200
OK sync-loader.js Show response
ad.mail.ru/static/ Frame EFD7 155 KB
0 0ms
0ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/sync-loader.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp-vk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Expires: Thu, 26 Dec 2024 20:57:12 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:12 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H/1.1 200
OK vk-adman.js Show response
ad.mail.ru/static/ Frame EFD7 236 KB
0 218ms
112ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/vk-adman.js
Requested by: Host: hd.lordseriy.christmas
URL: https://hd.lordseriy.christmas/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2d6b347dfe5bacf35d249d6552d1722cddb95ce7ca212fa74c7847dce4406352

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:35 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:35 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

POST
H/1.1 200
OK tech
ad.mail.ru/adman3/stats/ Frame EFD7 0
0 54ms
53ms Fetch
application/octet-stream 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adman3/stats/tech
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/octet-stream
Server: nginx
Connection: keep-alive

HEAD
H/1.1 200
OK render-runner.js
ad.mail.ru/static/ Frame EFD7 0
0 58ms
58ms Fetch
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/render-runner.js
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:36 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

POST
H/1.1 200
OK tech
ad.mail.ru/adman3/stats/ Frame EFD7 0
0 58ms
58ms Fetch
application/octet-stream 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adman3/stats/tech
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/octet-stream
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK 1706500 Show response
ad.mail.ru/vp/ Frame EFD7 0
481 B 82ms
82ms Fetch
application/json 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vp/1706500?version=3.2.19&app_name=adman3&plu=https%3A%2F%2Fhd.lordseriy.christmas%2F&fpid=cI7jr2SP06agLQhr8dr0T&targetRef=https%3A%2F%2Fhd.lordseriy.christmas%2F
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: private, no-cache, no-store
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hd.lordseriy.christmas
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/json; charset=utf-8
Server: nginx

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=UdXCDmpurw5JlVPPjkzbv8u%2BAegWSgYIld3zw6U%2FSaBCbA6hlvMfOZW2qTz2dypn1SUVbVvOGVESgir7nwjlZw0CNEKKokhuutNdXt3U%2BOTZAE6yxnCl%2BlAkCb92gOP6pbheNKF0EDnwhKre5OAWSvLkxZRsx2C5r07BMVD2K4jgOohGg1RbN74ggLtrJawFpz6GQaYf2sKNQg9LQfk8jjMcz9ZkVQq70uaBRCj%2BrrJUru2QOLt2t3KuSkc%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605615624107&_adlk_ts=173524605615624107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=LdS8uZSXNUT2J7raWmXayBCBTNQ31speoR5ma5CBqRQVy7j3rGBStw5N6AlgqV%2B7QwtHSW2K3gcubz4vZ1InSHmPOjqEMujiyNx3xRQ%2BQTwmRDAVZEP9TpPfDCJpiYAZbVGBiKL%2BxtdkcSFb3zEk7kLZSmULXlYF7jh%2F3ez9DSuwrJJ1S3kv9Zw03zL0UbpW5PVz%2Bs7t%2FhpgF666SLTDOgLK2R1y%2BCKnXW5sPrFqPQY3rCKH&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605615679392&_adlk_ts=173524605615679392
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H/1.1 200
OK render-runner.js Show response
ad.mail.ru/static/ Frame EFD7 15 KB
6 KB 80ms
56ms Script
application/javascript 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/render-runner.js
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3883d8944138bcd2285a14029a10199d7495ab94f2fd8700b52a31dc671d6735

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Thu, 26 Dec 2024 20:57:36 GMT
Access-Control-Allow-Origin: *
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

POST
H/1.1 200
OK tech
ad.mail.ru/adman3/stats/ Frame EFD7 0
0 61ms
60ms Fetch
application/octet-stream 2a00:1148:db00::17
VK-AS LLC VK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adman3/stats/tech
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/vk-adman.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://hd.lordseriy.christmas/

Response headers

Transfer-Encoding: chunked
Date: Thu, 26 Dec 2024 20:47:36 GMT
Content-Type: application/octet-stream
Server: nginx
Connection: keep-alive

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=SoS5a5OgWi75uEIzXRzOO3F9XOTwka7NvqZCddL6EfhHngSpK07ZKnM9Vw%2F3%2BNUPOxi4Kvu3cDjbSaGJ5d5w%2BIxMp0bGPaIB3%2Fc1Rjchmejj8WMr%2FketvfbO3rP9Kle8YDpDdmAQyDeM03dbc2DdLOT8m5PrHsheXgn3Yuk8MWbBIo%2BqR3ORVJ1ABuLP%2F8VNH5RDSLsVxqYMoWWuJZ%2BVJVWgQ0Sya%2ByCTsKv8bh2rJpez%2BeEAuPixw%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605633858025&_adlk_ts=173524605633858025
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=EcA0mURFCGHRlKPtcwXBVl5Gu%2Funw8OFV%2Fyxoz72yFEU8wAHUHVweBqze0Mnc8erC5QGw1ZfruV6cMp4eVdVg7HCxm%2F80080Ct6p9yTZbwMg7IdjMh6cdZVEYJW%2B3s8LIn6ytReoiCxYuTPceLXfKM%2BUEkLjypXw0LE7xY3GSQZTbsLnUjzOKFzkty0om7n%2F1Ql91DFQuB3eJ9KMaB66It1X1zRlt3WBWcn6QTjmGHMwxd8DqELeeA%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605633841944&_adlk_ts=173524605633841944
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp.js Show response
cdn.adlook.me/js/ Frame BF63 19 KB
6 KB 56ms
56ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: da321a8f8071a3654a264f38bc8475c4cbd907bea64c33af85c1a3a578642232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "0edaa53b9b0da1:0"
accept-ranges: bytes
content-length: 6344
date: Thu, 26 Dec 2024 20:47:36 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 28 May 2024 04:41:38 GMT
server: nginx
x-cached-since: 2024-12-26T20:38:50+00:00
vary: Accept-Encoding

GET
H2 200 context.js Show response
yandex.ru/ads/system/ Frame 457D 375 KB
107 KB 68ms
67ms Script
text/javascript 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

5598496c0070ad6290337c4c0e51bede2a51b21d810110c58fe03b90b4bd9f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1735246056464922-8539766017337744543-balancer-l7leveler-kubr-yp-vla-99-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "eab942d434078a975bdead8faa886417-1183758"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 21:47:36 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 reg
stat.adlook.me/ 0
21 B 73ms
73ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=Io866ck4KzM159aqeBfLOGpnww0t5Fc14S%2BIPDmJhrjza1AxYE4wmOnMaUdivSMrnouryrv3DCqjksdD1Ag%2BOT3Lue6wHZknkpqYWU8MV%2BFp5Wg0klB3N0QiKgeGK7L84DHEBbo%2FD%2BWnZDlRX9t%2FzvrSUin%2FZ4MdSoI00VwQhSfUTV7TteecskV6x6TY%2FN4kCNXBdAbH29cJAmKKFykzu1CW0iZKHXv9hq1zkN1DFTy4lIci0%2BVm7Pf1eWg%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605645872804&_adlk_ts=173524605645872804
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 75ms
75ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=%2F2kFOf6j6F2LovU%2B7AiEFMYB2NtQhE%2Ft0aGzB%2B%2FR8hbrysabHQMocsuUX4acMCWKnwRs9shUxd8HCGCvZvjx7QofXjEisHWIJUtiNvl3OHHHqDcxa3696M0dQrYF2HZkxzICEqpDGWmQwrSH63MtZpv2xQ%2F%2FaP3Uh8Qj9fNCrCR3fWUP771otXeP96HfhICFjh8yMZcw3SkS4eZNUFth78JtI5GJDuYNy2mnrF%2BF8%2FxVaAs7X72M5g%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605645996877&_adlk_ts=173524605645996877
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:35 GMT
server: Microsoft-IIS/10.0

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 130ms
127ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=9&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=845041836&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246057%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214736%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246057&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:37 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
x-xss-protection: 1; mode=block
date: Thu, 26 Dec 2024 20:47:37 GMT
last-modified: Thu, 26-Dec-2024 20:47:37 GMT
content-type: image/gif

GET text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 457D 0
0

GET cc3eb7227602aea2a356.js
yastatic.net/partner-code-bundles/1183758/ Frame 457D 0
0

GET 5956674fd0fdd7c45be0.js
yastatic.net/partner-code-bundles/1183758/ Frame 457D 0
0

GET 57bcfd9e2482bf6eab12.js
yastatic.net/partner-code-bundles/1183758/ Frame 457D 0
0

GET 28c60da322306eea85f3.js
yastatic.net/partner-code-bundles/1183758/ Frame 457D 0
0

GET host.js
yastatic.net/safeframe-bundles/0.83/ Frame 457D 0
0

GET 454b3fa45c64f15c3946.js
yastatic.net/partner-code-bundles/1183758/ Frame 457D 0
0

GET
H2 403 13185303 Show response
yandex.ru/ads/meta/ Frame 457D 27 B
990 B 76ms
76ms XHR
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=44723333&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=1&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B1471720181961%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246056960446-11633463822272217315-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:36 GMT
date: Thu, 26 Dec 2024 20:47:36 GMT
last-modified: Thu, 26 Dec 2024 20:47:36 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H2 200 reg
stat.adlook.me/ 0
44 B 53ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=j0xd5fIibVDXI5g0v0BslJ%2B6RTFML4NzzLNPfDxB%2BrMJGbisHFpsvpqsXjm6w89wQvCV5ElrUYKNk0rBcvJTKGr0rD9t9ZyFKwNsSIufc7H5wKkNV5Ep4%2Bts2MUgE8ImICtjHq2D83dOYh6ZVPUZqJ3MdtP0O%2BkZg4H0SGjsHvCVQsE1bQ1TSmAV9JoSgPsKdj4UZkJySUrmPlyyjHDaBdiHhStx4WjK24Zwh7LicdA63yJgd3WJ2Q%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605712089584&_adlk_ts=173524605712089584
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp.js Show response
cdn.adlook.me/js/ Frame 17C1 19 KB
0 56ms
56ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: da321a8f8071a3654a264f38bc8475c4cbd907bea64c33af85c1a3a578642232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "0edaa53b9b0da1:0"
accept-ranges: bytes
content-length: 6344
date: Thu, 26 Dec 2024 20:47:36 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 28 May 2024 04:41:38 GMT
server: nginx
x-cached-since: 2024-12-26T20:38:50+00:00
vary: Accept-Encoding

GET
H2 200 context.js Show response
yandex.ru/ads/system/ Frame 425E 375 KB
0 68ms
67ms Script
text/javascript 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

5598496c0070ad6290337c4c0e51bede2a51b21d810110c58fe03b90b4bd9f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1735246056464922-8539766017337744543-balancer-l7leveler-kubr-yp-vla-99-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "eab942d434078a975bdead8faa886417-1183758"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 21:47:36 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 425E 25 KB
25 KB 161ms
161ms Font
font/woff2 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

etag: "7f0cdaf91230f9789ca4162aedff612e"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 27 Dec 2025 02:36:49 GMT
date: Thu, 26 Dec 2024 20:47:18 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
content-type: font/woff2
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=31556952
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: e3394aa3f20ed273
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004

GET
H2 200 cc3eb7227602aea2a356.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 425E 20 KB
6 KB 166ms
165ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "1ea1abdc6b2ca5332bd9171ae9ac75d4"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:32 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6391

GET
H2 200 5956674fd0fdd7c45be0.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 425E 17 KB
5 KB 167ms
166ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "456399b9c1ec47d1dbc61770ec223f7c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5312

GET
H2 200 57bcfd9e2482bf6eab12.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 425E 24 KB
8 KB 170ms
169ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "f2e736a01ad7eff0b8295ee7196506bb"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7953

GET 28c60da322306eea85f3.js
yastatic.net/partner-code-bundles/1183758/ Frame 425E 0
0

GET host.js
yastatic.net/safeframe-bundles/0.83/ Frame 425E 0
0

GET 454b3fa45c64f15c3946.js
yastatic.net/partner-code-bundles/1183758/ Frame 425E 0
0

GET
H2 403 13185303 Show response
yandex.ru/ads/meta/ Frame 425E 27 B
528 B 74ms
74ms XHR
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=60040250&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=2&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B2771783892291%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246057204697-10266577220522167361-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:37 GMT
date: Thu, 26 Dec 2024 20:47:37 GMT
last-modified: Thu, 26 Dec 2024 20:47:37 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=nsc7RehY2viikqIduA0ar1G0lCAK2ueUZQ9z57c6ZPR%2FX752eYwlBouQkGuN68GBdRvJ%2F8dTc0jTGHln4qyTsPC%2FS%2BnXtCISkkhqBVGTuo6Lmy3f%2BuAcvFQ9ed8kTvwivp%2FU%2FkVofNb%2BdeY0mGygOBs98zy7N2n0IjW32AKi99gs1YNRMvT9UJVDDSZRVKO5yz3puHs1vWQVMLOutB1uYd82ntEENj3hzMnGWygJMEjMmGR9Ubv3kdZldnI%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605718126314&_adlk_ts=173524605718126314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=8LOsJKvyNdPRmPtaAeVueZ9PCtSGNq3GWweuKUbDrfiBcsEdUuwNjTFkNo95PD5oI8v48R4aoabkQB6xDAO254J8GOtgZsO%2BogwbUA2cK8btoH3GgeC2QrTcbUNtN7KUIHFDdiGQN3J3Pp9jpJYT%2FsCE1mrNHygFXnYIDRGd2oGSc1nSQ0oq%2FxWzRd%2BJEwXQ97%2BX%2B832tEgiiCNdzn50F3j9vrNRY2LZgyKaGNmDheTktnclxGd%2FLQ%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605718298383&_adlk_ts=173524605718298383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=Xs2YqbM64K3UAA%2Bg%2B%2BeajXM81DZOkWoS09Dr%2F1Vvo7POOdzTJKooiTyy6%2F7yOX2NJ027jR%2B1C2xjRJ1mgWDO63XrTfw9BchWZoCx24oh2MCCcsRdmWK72x%2FxG7DWf4Bej2RRpFoniUoj5%2BxliiuB4u0NC7NEZiqGTRPe1tr95wqfCecxn8nzFu0Kwi%2FFjwBmqijman97yvRVYIWu%2Byvgdt0jZmIJ0%2BfalKixSk%2F3gz0%2F0uGCwQwxPA%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605735572185&_adlk_ts=173524605735572185
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp.js Show response
cdn.adlook.me/js/ Frame 4FFB 19 KB
0 0ms
0ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: da321a8f8071a3654a264f38bc8475c4cbd907bea64c33af85c1a3a578642232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "0edaa53b9b0da1:0"
accept-ranges: bytes
content-length: 6344
date: Thu, 26 Dec 2024 20:47:36 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 28 May 2024 04:41:38 GMT
server: nginx
x-cached-since: 2024-12-26T20:38:50+00:00
vary: Accept-Encoding

GET
H2 200 context.js Show response
yandex.ru/ads/system/ Frame 7166 375 KB
0 0ms
0ms Script
text/javascript 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

5598496c0070ad6290337c4c0e51bede2a51b21d810110c58fe03b90b4bd9f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1735246056464922-8539766017337744543-balancer-l7leveler-kubr-yp-vla-99-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "eab942d434078a975bdead8faa886417-1183758"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 21:47:36 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 7166 25 KB
0 0ms
0ms Font
font/woff2 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=31556952
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
etag: "7f0cdaf91230f9789ca4162aedff612e"
x-nginx-request-id: e3394aa3f20ed273
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 27 Dec 2025 02:36:49 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004
date: Thu, 26 Dec 2024 20:47:18 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
content-type: font/woff2
vary: Accept-Encoding

GET
H2 200 cc3eb7227602aea2a356.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 7166 20 KB
0 1ms
1ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: 0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
content-encoding: br
cache-control: public, max-age=946708560
etag: "1ea1abdc6b2ca5332bd9171ae9ac75d4"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6391
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:32 GMT

GET
H2 200 5956674fd0fdd7c45be0.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 7166 17 KB
0 2ms
1ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
cache-control: public, max-age=946708560
timing-allow-origin: *
content-encoding: br
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: "456399b9c1ec47d1dbc61770ec223f7c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5312
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 57bcfd9e2482bf6eab12.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 7166 24 KB
0 2ms
2ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: 80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
cache-control: public, max-age=946708560
timing-allow-origin: *
content-encoding: br
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: "f2e736a01ad7eff0b8295ee7196506bb"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7953
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:27 GMT

GET
H2 200 28c60da322306eea85f3.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 7166 616 KB
119 KB 60ms
56ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "ce8d6aaf666b3d56031852fe861f259c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 25 Dec 2024 15:06:26 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121976

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame 7166 33 KB
9 KB 71ms
68ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
cache-control: public, max-age=946708560
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8878

GET
H2 200 454b3fa45c64f15c3946.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 7166 114 KB
24 KB 73ms
70ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "9c35ad150317f2afb3591b412dfad6a4"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24474

GET
H2 403 13185303 Show response
yandex.ru/ads/meta/ Frame 7166 27 B
245 B 76ms
76ms XHR
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=23757484&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=3&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B4432299534522%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246057440308-1696571384698154301-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:37 GMT
date: Thu, 26 Dec 2024 20:47:37 GMT
last-modified: Thu, 26 Dec 2024 20:47:37 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=0gRYKd%2F5DmfieiPXAywq43MrzJy3ZAYrF6b3KIo9lVBHtgM%2BdXcZL1zRnAfD3hBlkoeEO9mPQzLeO5l3SPwESYp%2B25Y3yvpPw51dfHw30GsMtaoNQOQqn84%2BlcYKW%2FAswT2D%2BI9a%2FB3GKi0%2BBI%2FBDDq9Z0ukK0XrZlXvUQqE%2FWxl6ReelToVxwFjNWFtR%2BIHjteEz6SRVQ9t2%2BviuhyDB086PAZqgqYqETs5DZISgu1vROtn0JXK6K9%2Fte0%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605741915434&_adlk_ts=173524605741915434
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 53ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=KvTn8py%2FSPgncGTw3ZcP2EX%2BwmxgZNuSwFAT1yJNh5fOXWBzNrQeNc7WwzSDkbyByWos%2FqHT%2F4fW9lweYBxkEqrYaEGg80PLQi%2FoQsGTEA0bFUlqVR2cYnxVNHvGU11YSN8VHMdDimwynetwd4c3NW%2B6RVu8Ck71L6TJqfTBLGwCPWKcbM6XQl1HoCSGPIiPS2CzjxnZqNXq1Uqc%2BWHjrhahjsCFvv5XyhMT2MNdkCW0h68g3bR9zQ%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605742039401&_adlk_ts=173524605742039401
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET watch.js
mc.yandex.ru/metrika/ Frame 7166 0
0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 51ms
51ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_request&sc=f1nyC4xtGistq46x5sNmz%2Fv%2FFmpRVVoku6HcDDWz%2FXwN5PnumccU6CWv7NMlh1QSahqJoEK8V4NZckCOsOe8RpKfkgRF7KTyV2z9SnmLZ3Jne%2F%2FWIsyzQv6QwxD0x7krV2e%2FTVqOdwF9dOq3fpkRqj5D7OaF4nZtxdM2FLSEp0dYetODhU%2BkBABZXkYTERSs0iKGunExHm9oyQkmAdsuUSzRwT6C%2Bo8siS0nzQXZIRpoJkFzG2Isjg%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605760144512&_adlk_ts=173524605760144512
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 vdisp.js Show response
cdn.adlook.me/js/ Frame 2C3C 19 KB
0 0ms
0ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/vdisp.js
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: da321a8f8071a3654a264f38bc8475c4cbd907bea64c33af85c1a3a578642232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-powered-by: ASP.NET
cache: HIT
x-node: m9p-up-gc30
content-encoding: gzip
etag: "0edaa53b9b0da1:0"
accept-ranges: bytes
content-length: 6344
date: Thu, 26 Dec 2024 20:47:36 GMT
content-type: application/javascript,application/javascript;charset=utf-8
last-modified: Tue, 28 May 2024 04:41:38 GMT
server: nginx
x-cached-since: 2024-12-26T20:38:50+00:00
vary: Accept-Encoding

GET
H2 200 context.js Show response
yandex.ru/ads/system/ Frame 6BCF 375 KB
0 0ms
0ms Script
text/javascript 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/vdisp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

5598496c0070ad6290337c4c0e51bede2a51b21d810110c58fe03b90b4bd9f8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1735246056464922-8539766017337744543-balancer-l7leveler-kubr-yp-vla-99-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "eab942d434078a975bdead8faa886417-1183758"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 21:47:36 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 6BCF 25 KB
0 0ms
0ms Font
font/woff2 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
cache-control: public, max-age=31556952
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
etag: "7f0cdaf91230f9789ca4162aedff612e"
x-nginx-request-id: e3394aa3f20ed273
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sat, 27 Dec 2025 02:36:49 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004
date: Thu, 26 Dec 2024 20:47:18 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
content-type: font/woff2
vary: Accept-Encoding

GET
H2 200 cc3eb7227602aea2a356.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 6BCF 20 KB
0 1ms
1ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: 0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
content-encoding: br
cache-control: public, max-age=946708560
etag: "1ea1abdc6b2ca5332bd9171ae9ac75d4"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6391
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:32 GMT

GET
H2 200 5956674fd0fdd7c45be0.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 6BCF 17 KB
0 2ms
1ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
cache-control: public, max-age=946708560
timing-allow-origin: *
content-encoding: br
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: "456399b9c1ec47d1dbc61770ec223f7c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5312
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 57bcfd9e2482bf6eab12.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 6BCF 24 KB
0 2ms
2ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software: /
Resource Hash: 80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
cache-control: public, max-age=946708560
timing-allow-origin: *
content-encoding: br
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: "f2e736a01ad7eff0b8295ee7196506bb"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7953
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:27 GMT

GET
H2 200 28c60da322306eea85f3.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 6BCF 616 KB
0 60ms
56ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "ce8d6aaf666b3d56031852fe861f259c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 25 Dec 2024 15:06:26 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 121976

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame 6BCF 33 KB
0 71ms
68ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
cache-control: public, max-age=946708560
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8878

GET
H2 200 454b3fa45c64f15c3946.js Show response
yastatic.net/partner-code-bundles/1183758/ Frame 6BCF 114 KB
0 73ms
70ms Script
text/javascript 2a02:6b8:20::215
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://hd.lordseriy.christmas
Referer: https://hd.lordseriy.christmas/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "9c35ad150317f2afb3591b412dfad6a4"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 27 Dec 2054 03:23:37 GMT
date: Thu, 26 Dec 2024 20:47:12 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 25 Dec 2024 15:06:27 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24474

GET
H2 403 13325526 Show response
yandex.ru/ads/meta/ Frame 6BCF 27 B
156 B 75ms
75ms XHR
text/html 5.255.255.77
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/13325526?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=43707646&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=1&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B3304576545368%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://hd.lordseriy.christmas/

Response headers

x-yandex-req-id: 1735246057676787-1028937471282446704-balancer-l7leveler-kubr-yp-vla-99-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 20:47:37 GMT
date: Thu, 26 Dec 2024 20:47:37 GMT
last-modified: Thu, 26 Dec 2024 20:47:37 GMT
content-type: text/html; charset=windows-1251
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://hd.lordseriy.christmas
x-xss-protection: 1; mode=block

GET
H2 200 reg
stat.adlook.me/ 0
21 B 52ms
52ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_creativeView&sc=6sPOr9n8d6E72h3K3TjaeZgeJE3TVSCpuYtjJY8O1%2Frjg3zofEjlN4upqDAuMuGtb1zAQq4qxqE7xYrXneQFqVDaCsNuWdoiHFNW2OTBgIHvLst%2FV8Y9IT1S5s5BT%2F%2F%2BWXCqDOe3Bg3ZQlTCg7TMG5OQ3J7DtpLd60wZESp%2FE33dtxXQDy2uM1MuXBPVO6LX8LdRP0odAvRe3wn0LZ0A0i3hIAeM4CrA11nuodmTPX00LIMrfi6zDhtDaq8%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605766248361&_adlk_ts=173524605766248361
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET
H2 200 reg
stat.adlook.me/ 0
21 B 54ms
53ms Image
text/plain 78.140.242.74
AS-ITGLOBALCOM-RU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.adlook.me/reg?st=vast.supply,vast.demand,nroa.demand&ev=cli_start&sc=CD3w%2FvV%2BDDU8R3Dv%2FzOfmwAUJFfuMvJnetxziIA%2BDLR7gT6MvOpYGx3TmxT9L%2F1SQavLEirTG5uWUjVhuQeFdRGvDVpSPh%2F7%2FE%2Bz%2FaeZB5%2BaiQx12nzGpCO9WEXZ8kwJN7NcY0jbWnc8d1ZdsyEL%2FCTFC9flDHYSalv%2BZZ%2BnPZL05fFkpRJUC5%2BxPU2zm%2BGpzMMK0XkN96q8w5ni%2BS6swEqTMAP2NRgg4n7fid94XRbshstzlmmJZQ%3D%3D&r=https%3A%2F%2Fhd.lordseriy.christmas%2F&eo=&cb=173524605766288673&_adlk_ts=173524605766288673
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.242.74 Moscow, Russian Federation, ASN209974 (AS-ITGLOBALCOM-RU ITGLOBALCOM RUS LLC, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://hd.lordseriy.christmas/

Response headers

date: Thu, 26 Dec 2024 20:47:36 GMT
server: Microsoft-IIS/10.0

GET watch.js
mc.yandex.ru/metrika/ Frame 6BCF 0
0

POST
H2 200 99270249
mc.yandex.com/webvisor/ 43 B
0 68ms
64ms Fetch
image/gif 2a02:6b8::1:119
YANDEX YANDEX LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/99270249?wv-part=10&wv-type=7&wmode=0&wv-hit=80971784&page-url=https%3A%2F%2Fhd.lordseriy.christmas%2F&rn=342391653&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1735246059%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20241226214738%3Au%3A1735246030519732062%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1735246059&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://hd.lordseriy.christmas/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 26-Dec-2024 20:47:38 GMT
access-control-allow-origin: https://hd.lordseriy.christmas
content-length: 43
date: Thu, 26 Dec 2024 20:47:38 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Thu, 26-Dec-2024 20:47:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-25-1.xml

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-40-1.xml

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-1.xml

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-2.xml

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-3.xml

Domain: cdn.adlook.me
URL: https://cdn.adlook.me/vast/ya-vdisp/lordseriyl-ru-ya-vdisp-1.xml

Domain: gomatching.gomatching-54-prod.svc.cluster.local
URL: https://gomatching.gomatching-54-prod.svc.cluster.local/match/AdLook?id=

Domain: rtb.com.ru
URL: https://rtb.com.ru/otmrtb-sync?uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D

Domain: 7452824949490489945-otm.ops.beeline.ru
URL: https://7452824949490489945-otm.ops.beeline.ru/p?ssp=otm&id=7452824949490489945

Domain: sync.upravel.com
URL: https://sync.upravel.com/https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Domain: ad.mail.ru
URL: https://ad.mail.ru/static/render-runner.js

Domain: ad.mail.ru
URL: https://ad.mail.ru/adman3/stats/tech

Domain: ad.mail.ru
URL: https://ad.mail.ru/adman3/stats/tech

Domain: yastatic.net
URL: https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js

Domain: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js

Domain: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

163 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.instreamvideo.ru/core/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
.mediatoday.ru/core/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
.otclick-adv.ru/core/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
.catsnetwork.ru/core	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
kimberlite.io/rtb	1970-01-21 02:00:46	Name: n Value: 1
kimberlite.io/rtb	1970-01-21 02:10:50	Name: da Value: UX4CYAAAAAHG83ZVAAAAAQtEsPgAAAABQHY_DAAAAAFnkJYmAAAAAQ
kimberlite.io/rtb	1970-01-21 02:10:50	Name: as Value: 14oEL2dtwNI4WsfhZ23A0EmLGAVnbcDScXJpLGdtwM8hVx6-Z23A0ITyfwhnbcDP-WrUeGdtwNL3tRJ3Z23Azw
.instreamvideo.ru/c/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
.mediatoday.ru/c/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
.otclick-adv.ru/c/	1970-01-21 11:36:46	Name: idntfy Value: VUf9hvCPZuAANkV
hd.lordseriy.christmas/	1969-12-31 23:59:59	Name: PHPSESSID Value: f467a65253840a9137013aa391212b6c
.yandex.ru/	1970-01-21 10:46:22	Name: yashr Value: 592293421735246030
.lordseriy.christmas/	1970-01-21 10:46:22	Name: _ym_uid Value: 1735246030519732062
.lordseriy.christmas/	1970-01-21 10:46:22	Name: _ym_d Value: 1735246030
.mc.yandex.com/	1970-01-21 02:00:46	Name: sync_cookie_csrf Value: 1695500381fake
.lordseriy.christmas/	1970-01-21 02:01:58	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-21 02:00:46	Name: sync_cookie_csrf Value: 2497270038fake
.mc.yandex.com/	1970-01-21 02:02:12	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 10:46:22	Name: yandexuid Value: 8144876071735246030
.yandex.ru/	1970-01-21 10:46:22	Name: yuidss Value: 8144876071735246030
.yandex.ru/	1970-01-21 11:36:46	Name: i Value: Z3HH2Kn6TLuve4xNCR2hrDH1rnI2k6wFeEmCs3XGGXdxRQISnIQHbiPjR1iv0aBTT7S72COJcs+f/T41awuDZ4RzXeQ=
.yandex.ru/	1970-01-21 11:36:46	Name: yp Value: 1735332430.yu.8106809461735246030
.yandex.com/	1970-01-21 11:36:46	Name: i Value: hgyJhIN48LI2iMFGU6ow/E1YpFvpTHRYxNcg0XuyO3Q2pA8F6bkCj3y7oeDyah5X5PqSNyrIYBSgLiSE4mGl6W7mFAM=
.yandex.com/	1970-01-21 10:46:22	Name: yashr Value: 7796082931735246030
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1435584131735246030
.yandex.com/	1970-01-21 10:46:22	Name: yandexuid Value: 8144876071735246030
.yandex.com/	1970-01-21 10:46:22	Name: yuidss Value: 8144876071735246030
.yandex.com/	1970-01-21 10:46:22	Name: ymex Value: 1766782030.yrts.1735246030
.yandex.com/	1970-01-21 10:46:22	Name: receive-cookie-deprecation Value: 1
ads.adlook.me/	1970-01-21 10:44:56	Name: adlm_userId Value: 02858148e65c4fe2b8e1b07dc3891da5
.yandex.com/	1970-01-21 11:36:46	Name: bh Value: KgI/MGDOgbe7Bg==
.lordseriy.christmas/	1970-01-21 02:00:47	Name: _ym_visorc Value: w
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 660123211735246030
.yandex.ru/	1970-01-21 10:46:22	Name: ymex Value: 1737838030.oyu.8106809461735246030#1766782030.yrts.1735246030
.yandex.ru/	1970-01-21 10:46:22	Name: receive-cookie-deprecation Value: 1
.bumlam.com/	1970-01-21 11:36:46	Name: suuid3 Value: IiQ5NDMwZDgwNi1jM2NhLTExZWYtODZlMC0wMDI1OTBjMDY0N2M*
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp14v6 Value: 1735246030
.acint.net/	1970-01-21 02:00:46	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 11:36:46	Name: aid Value: fwAABGdtwM5s5QVTzZvwAjxzk3ZZIg2l08PGgLYLYaJyr7IH
.betweendigital.com/	1970-01-21 10:46:22	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 10:46:22	Name: ss Value: 1
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp14v4 Value: 1735246030
.betweendigital.com/	1970-01-21 10:46:22	Name: tuuid Value: 9165ef9a-67e1-5269-b9cd-53c0dea0930e
.otm-r.com/	1970-01-21 02:03:38	Name: otcm_all Value: sp4cem
.otm-r.com/	1970-01-21 10:46:22	Name: mpid Value: Njc2ZGMwY2QwZjcyMWZkNQ==
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
.adhigh.net/	1970-01-21 10:46:22	Name: gi_u Value: xHjxiGPTgaI.AikABlGUBLkoiQ
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.adhigh.net/	1970-01-21 10:46:22	Name: adlook_sync Value: L7UC
.opendsp.ru/	1970-01-21 11:36:46	Name: pid Value: MjczYWMyZTMyOTg5ZTM0Nw
.gonet-ads.com/	1970-01-21 10:46:22	Name: pid Value: NmQwOWIxYzg5MzZhOTNkNQ
.adhigh.net/	1970-01-21 10:46:22	Name: otm_video_sync Value: L7UC
.ssp-rtb.sape.ru/	1970-01-21 11:36:46	Name: sspuid Value: CkIDK2dtwM97+gDKBke9AuOWcARU6tLVAe2BUMFnbazvv2mw
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp17v2 Value: 1735246031
kimberlite.io/	1970-01-21 04:10:22	Name: u Value: Z23Az2Dd1cc~flthuphsj2yzwkrDrr0HcqydT00
ads.adlook.me/	1970-01-21 11:36:46	Name: adlk_cmatch Value: btw%3A4b0be5f4-444e-5269-9026-d5a2f74b156c%2Calab%3Abd085086-5b59-450a-801e-4a8ea946b539
.adhigh.net/	1970-01-21 10:46:22	Name: sape_sync Value: L7UC
.adspector.io/	1970-01-21 11:36:46	Name: adspectorutid Value: Mwxl9UVIoiawJY74R1ADv9F5jyB9y9Y8_QH5yrbl3wIyUsfYBkZnuuUUNCoG-bi-3W9UtesANSnBgoYUSxhc2w
.dmg.digitaltarget.ru/	1970-01-21 11:36:46	Name: viuserid Value: Sfy3BrNVdNMVyyB7u5bN
.weborama.fr/	1970-01-21 11:26:41	Name: AFFICHE_W Value: XbIMn5Wp20td71
.acint.net/	1970-01-21 02:20:55	Name: cSyncDp104v2 Value: 1735246031
.mts.ru/	1970-01-21 10:33:24	Name: dspid Value: 4e3a013e-68ff-4b12-875a-89173dbfe1f3
.buzzoola.com/	1970-01-21 02:43:58	Name: uuid Value: 15b76273-0e5d-4f72-6b22-51f68c73d6b7
.yandex.ru/	1970-01-21 11:36:46	Name: bh Value: YM+Bt7sGahncyumIDvKst6UL+/rw5w3r//32D6SYzYcI
.alfasense.com/	1970-01-21 10:33:24	Name: uuid Value: 9bcbd7a3-facb-4b60-b647-17c6aa9df82e
.ohmy.bid/	1970-01-21 02:43:58	Name: uid Value: 575e70ae-4cea-4fdc-8aae-55dbc0a4c1dd.676dc0cf.ccadfaa836b62958
.utraff.com/	1970-01-21 11:36:46	Name: utid Value: p_VAmqdTQ1g_0Zll9LWGh5nAJJXWSnP9N8pybclE_b3EyO23h2YwORddX90aatEoEcjLUGhbfWAoGoQH-ZLhfg
.moe.video/	1970-01-21 11:36:46	Name: uid Value: 0c681268701b0bac356f
.mts.ru/	1970-01-21 11:36:46	Name: ma_last_sync Value: 1735246031433
.mts.ru/	1970-01-21 11:36:46	Name: ma_id Value: 8504670341735246031434
sync.otm-r.com/	1970-01-21 02:45:24	Name: mpid Value: Njc2ZGMwY2UwNzhjOWE1OQ==
.suprion.ru/	1970-01-21 11:36:46	Name: KsId Value: 1C9rIe8LPfT4Vr
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.dsp.solta.io/	1970-01-21 11:36:46	Name: pid Value: MmExYTQwY2VlM2UxZDhmYw
.weborama-tech.ru/	1970-01-21 11:26:41	Name: AFFICHE_W Value: im-UyoB45v@K90
.aidata.io/	1970-01-21 11:36:46	Name: __upin Value: 3fFichlD25pd8kOpsSRBrA
.aidata.io/	1970-01-21 11:36:46	Name: __upints Value: 1735246031
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.rutarget.ru/	1970-01-21 06:19:58	Name: userId Value: 5flcP_MzxoWQ
x01.aidata.io/	1970-01-21 02:05:05	Name: gi Value: 1
.programmatica.com/	1970-01-21 11:36:46	Name: pid Value: NzNkM2Q4MTVmYjJiYmEyNQ
.adhigh.net/	1970-01-21 10:46:22	Name: aidata_sync Value: L7UC
x01.aidata.io/	1970-01-21 02:05:05	Name: livin Value: 1
.upravel.com/	1970-01-21 02:00:46	Name: session_tptc Value: 1735246032007
x01.aidata.io/	1970-01-21 02:10:50	Name: otm Value: 1
.agency2.ru/	1970-01-21 10:33:24	Name: uuid Value: 2f08e60d-d5da-47e2-b6d3-0f56a8302672
.upravel.com/	1970-01-21 11:36:46	Name: user_id Value: fb19b462-1c8f-495b-9393-c17f0bbe89c6
.adx.com.ru/	1970-01-21 10:46:22	Name: user Value: 676dc0d07011cb00016c3e36
x01.aidata.io/	1970-01-21 02:10:50	Name: mgcom Value: 1
.tns-counter.ru/	1970-01-21 10:46:22	Name: guid Value: 6131683C676DC0D0X1735246032
.lordseriy.christmas/	1970-01-21 10:46:22	Name: adtech_uid Value: 28316ae1-3eb2-4f89-b307-11526ef0f10a%3Alordseriy.christmas
.lordseriy.christmas/	1970-01-21 10:46:22	Name: top100_id Value: t1.7627570.2027199106.1735246032476
x01.aidata.io/	1970-01-21 02:10:50	Name: segmento Value: 1
.ufouxbwn.com/	1970-01-21 11:36:46	Name: cookie_work Value: 1735246032
x01.aidata.io/	1970-01-21 02:10:50	Name: yaya Value: 1
x01.aidata.io/	1970-01-21 02:10:50	Name: altg Value: 1
x01.aidata.io/	1970-01-21 02:10:50	Name: lotame Value: 1
.sbermarketing.ru/	1970-01-21 10:46:21	Name: dmpuid Value: _ww4PRzbSqej2Al379SBXA
x01.aidata.io/	1970-01-21 02:05:05	Name: mytarget Value: 1
hd.lordseriy.christmas/	1970-01-21 11:36:46	Name: fid Value: 9bf334d2-904d-44d6-888d-ee2873456d49
hd.lordseriy.christmas/	1969-12-31 23:59:59	Name: _ac_cid Value: 0400007FCEC06D675305E56C02F09BCD
hd.lordseriy.christmas/	1970-01-21 11:36:46	Name: _ac_oid Value: 7940a256e92ed9cc81d903c23035db11%3A1735249633379
.acint.net/	1970-01-21 02:02:12	Name: cSyncDp45v5 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp53v5 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp62v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp67v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp68v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp71v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp80v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp85v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp95v4 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp98v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp107v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp110v3 Value: 1735246033
.acint.net/	1970-01-21 02:22:22	Name: cSyncDp125v4 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp126v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp127v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp129v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp136v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp146v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp148v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp149v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp151v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp251v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp186v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp217v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp226v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp235v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp239v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp243v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp260v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp244v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp248v3 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp261v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp289v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp293v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp296v2 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp312v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp313v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp331v1 Value: 1735246033
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp351v1 Value: 1735246033
.moe.video/	1970-01-21 02:20:55	Name: rtb Value: "1,2,3,4,6,7,8,9,10,11,12,13,14,15,17,18,19,20,21,22,24,25,26,27,28,29,30,31"
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp7v3 Value: 1735246034
.betweendigital.com/	1970-01-21 10:46:22	Name: ut Value: Z23A0gAAaXhaNp4uaf1g9E5uuo2_uodZlZkPYw==
.adhigh.net/	1970-01-21 10:46:22	Name: moevideo_sync Value: L7UC
.acint.net/	1970-01-21 02:43:58	Name: cSyncDp241v2 Value: 1735246034
.hd.lordseriy.christmas/	1970-01-21 11:36:46	Name: adrdel Value: 1735246034095
.lordseriy.christmas/	1970-01-21 11:36:46	Name: adrdel Value: 1735246034095
.hd.lordseriy.christmas/	1970-01-21 11:36:46	Name: adrcid Value: A0KVjyUHbA9ofDVoLF50CBA
.lordseriy.christmas/	1970-01-21 11:36:46	Name: adrcid Value: A0KVjyUHbA9ofDVoLF50CBA
.hd.lordseriy.christmas/	1970-01-21 11:36:46	Name: acs_3 Value: %7B%22hash%22%3A%22efc4edc6204628178e8c6c2658f73159fe6d444f%22%2C%22nextSyncTime%22%3A1735332434098%2C%22syncLog%22%3A%7B%22224%22%3A1735246034098%2C%221228%22%3A1735246034098%7D%7D
.lordseriy.christmas/	1970-01-21 11:36:46	Name: acs_3 Value: %7B%22hash%22%3A%22efc4edc6204628178e8c6c2658f73159fe6d444f%22%2C%22nextSyncTime%22%3A1735332434098%2C%22syncLog%22%3A%7B%22224%22%3A1735246034098%2C%221228%22%3A1735246034098%7D%7D
.adriver.ru/	1970-01-21 11:36:46	Name: cid Value: AWje7oQcXFqJsHfkL7D7gpg
sync.adspend.space/	1970-01-21 10:46:22	Name: as-user Value: ce62c442-7970-477b-b74e-9fa906abdf48
.adhigh.net/	1970-01-21 10:46:22	Name: solta_sync Value: L7UC
sync.techdsp.ru/	1970-01-21 10:46:22	Name: uid Value: PFcosvbaT-qj18vUdp8AVg
prodmp.ru/	1970-01-21 03:27:10	Name: rai Value: a648afa208a1ccd26855ed5064dffd2d
top-fwz1.mail.ru/	1970-01-21 10:47:48	Name: PVID Value: 0DBtLj3TapoT002CeD0Mi62T:::0-0-0-c88198e-0-c881992:CAASEOdv9vLkuBfNnX_KSTKR5-saYPkR5n6c2mAmW0QHqCSiCrKa4ciAQiH_pSVm4S5nWpFP0deJW7EESquaX2vVI-QK0XvyuSqf2xt-mKLirtmJZmLk6BoZHJSk0urfkmh4AJ7uoofAqluNUa3ByvpaY1_YcA
.mail.ru/	1970-01-21 10:47:48	Name: VID Value: 0DBtLj3TapoT002CeD0Mi62T:::0-0-0-c88198e-0-c881992:CAASEOdv9vLkuBfNnX_KSTKR5-saYPkR5n6c2mAmW0QHqCSiCrKa4ciAQiH_pSVm4S5nWpFP0deJW7EESquaX2vVI-QK0XvyuSqf2xt-mKLirtmJZmLk6BoZHJSk0urfkmh4AJ7uoofAqluNUa3ByvpaY1_YcA
hd.lordseriy.christmas/	1970-01-21 02:02:12	Name: _ohmybid_cmf Value: 2
.lordseriy.christmas/	1970-01-21 10:46:22	Name: t3_sid_7627570 Value: s1.57827816.1735246032477.1735246047679.1.6
.bidvol.com/	1970-01-21 11:36:46	Name: bvuid Value: xkm3vi0z6x
hd.lordseriy.christmas/	1970-01-21 02:10:50	Name: domain_sid Value: cI7jr2SP06agLQhr8dr0T%3A1735246056156

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-25-1.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-25-1.xml Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-40-1.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/vk-vdisp/vk-vdisp-40-1.xml Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-1.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-1.xml Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/ya-vdisp/lordseriyl-ru-ya-vdisp-1.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/ya-vdisp/lordseriyl-ru-ya-vdisp-1.xml Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://gomatching.gomatching-54-prod.svc.cluster.local/match/AdLook?id= Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-3.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-3.xml Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://hd.lordseriy.christmas/ Message: Access to XMLHttpRequest at 'https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-2.xml' from origin 'https://hd.lordseriy.christmas' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://cdn.adlook.me/vast/ya-vdisp/y5zona-ru-ya-vdisp-2.xml Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://match.ohmy.bid/cm?ssp=adlook&redirect_url=https://ads.adlook.me/csync?pid=ohmy&uid=02858148e65c4fe2b8e1b07dc3891da5 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://rtb.com.ru/otmrtb-sync?uid=Njc2ZGMwY2UwNzhjOWE1OQ%3D%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to parse video contentType: video/ogg; codecs=theora
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0EB00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0301D00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0405801541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://rtb.moe.video/cs?d=19&b= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://rtb.moe.video/cs?d=15&b= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A070EB00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A070EB00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0EB00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
rendering	warning	URL: https://hd.lordseriy.christmas/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0EB00541F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
network	error	URL: https://a.adspector.io/ctx?vid=Bx3q-DrgJxNAfuVVPjmYDjME8to-hCCi5szsch3dVSM&origin=https%3A%2F%2Fhd.lordseriy.christmas&origins=https%3A%2F%2Fhd.lordseriy.christmashttps%3A%2F%2Fhd.lordseriy.christmas&width=0&height=0&v=2.1.6&h= Message*: Failed to load resource: the server responded with a status of 429 ()
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://ad.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
network	error	URL: https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=44723333&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=1&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B1471720181961%5D Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=60040250&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=2&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B2771783892291%5D Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://yandex.ru/ads/meta/13185303?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=23757484&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=3&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B4432299534522%5D Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://yandex.ru/ads/meta/13325526?target-ref=https%3A%2F%2Fhd.lordseriy.christmas%2F&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=2323111735246056929&target-id=43707646&pcode-test-ids=1111484%2C0%2C6%3B1173006%2C0%2C99%3B1135992%2C0%2C34%3B1184115%2C0%2C93%3B1139808%2C0%2C19%3B1164346%2C0%2C72%3B1175803%2C0%2C82%3B1175948%2C0%2C84%3B1184151%2C0%2C28%3B1174873%2C0%2C71%3B1139870%2C0%2C74%3B1175871%2C0%2C98%3B1178012%2C0%2C48%3B1174799%2C0%2C29%3B1183758%2C0%2C97&pcode-flags-map=eJyVWG1zm7gW%2Fi98DlkEEoh%2Bk%2BGANQaJSsJJutPRkNrdzTaJ9%2Balu7ed%2Fvc7AuIY2tq9n2xJnEfnHJ2XR%2FrqrZm2pWILW4EozdJ78%2FtX73N3%2B7z13nhhgKl35j1tH5%2F4xnvj0YAGCfa%2BvT%2FrxS4Ua2zFtQEByi6urBQZTACMauEQAKEIxyTcI%2BhWreHKcqGNAlbbWuaghM1B81JMkB4%2FdLdbe7%2F9ZwpHwhDRPVyrwa65UVwwa9b2bQvqyjZMsXqCtf337xlKHKZkQOE5SMuFNSWzOu8RB924KG0NOWe24BXoCeDH3YPtbm9noClNUA9qSmlH4FJIBVbzd3BcI4oDFPTCSllQPLdG2jXT5pQYipJX7xq2qMCuQWkup%2B5EiEY0iObSOBw0rtvK8AUT7lxbwQsOueXCgCpYdlRzktIwGTRwrluselu1LaSye99msl7IYyhxkuIgeTFfwIVVYFolLCsMKJtVPFtZs1SyLZdH4y1BKMBpD6RrpowLiRYsXDZ2UbFs1UfvIcLv3l13c3v%2B8Oydef%2Ft7jfbf88fnn%2B7uev%2B2D5Opv7o7vqZzZft%2FfB59%2FnmaTf8vTs%2FGGzub8ZZh7xH8M68h%2B7L7e7Ln%2BPyl4fh9%2FmhO7%2Ff%2FvP43Qd%2Fdbu7m1F098n9vp%2BYSmg4%2BEyDsTkUrK2MbVgJVrT1AtQxjycERckQcFdMG2Z4ZguA3C4qma0sz%2B3Fkhv4gb%2BUz%2F0QpygMsI%2B8s8k4nI2j2Rj3Y%2BaHBAVBEo7yzCeU4hj5CO0n4gSRxG3wflKO0hjFvdKFtpWUjS345TEzKYkiFPUSLqrKxlidKd4cTSuaRGE6VL2c6z6lhgjMpCi4qpmZZ9cMIA1JRIdd83cghqKyggrMKTlEw3RS3ZZM5JU7BrEalXCZxXLTiqN5mUZJSIZCqVkN9oqJHC5tLmvGj%2BuQBEmcToyXDQhlFrZR0NgaDLOLtlodBUkJHqsCGFbaJbD8eDyiIKAkHooR01ciGzL3UOSr97h9chF4sG6dXjkzzFaS5d7ZdA1EDs5Zs%2FlxYTbreuLPAH66BRfc2GGC5YW8nC3XYBRfMZvJ1hXT2Wom5YqDrZnJlq7b%2FPirRsmaa%2Fhu4z7Rnfmjln21nX01rcBWil5hl1N%2F7h6fHp0zXRt7%2F21yEogm6VhDddM3obERXnCzlK2xCnKuIDNWiurqdJcKwiSgQ60pjH2JKtY0lVxzYbnUFkSeMZWfgEnDgOyzY4%2BjNZjDhpMpYIav3fGxbNkr7T7OKsbrU0EYptGB6QW%2FtJecyZpbBW9b0EYfF49CkpC9eNZqI2tbydLygk2rKCbbrrtGsZ9uu48%2BTrrIv07ijd99vI5xuu3IhrhimpCOxnFE%2FA%2BbOPVxSj%2F66SalPgo%2BdKjboO5660pmBmEYxRj54YJgHwcR8RdkkfphmBKCAHLIC%2B%2FMS8mWRhva%2BQRvsY83Ueh3CcI%2Buu66a5p8QCTduE0hwjgKqY%2FjJPIxQcxfxDH2F1EMRVhkuAjSSV1GQYRTSn9keAMqAzGJj%2BA8CMivSWdFOa0AKUoQStLQe4POvCgIUhriAHlv0LefALqcfSFEQ6IeP0GcxCMzzLQaCWXJ6%2Fo4fQtwGsbxTEyDWoPyNc9PCJMgHLvaPt%2F6VvyzDhxHaYCTiMzOgEQ4HFTveXrt%2BFupWGWZ0BenAp%2BkBIV7HRpXkqxRLFuB0tPdowCFYRwT4rkTQDHGIZmrQjEdLVK1LSpWnsgbmiZ0pDINZAP9bAV%2F6wpd3qe2695NxTKoZ9H0PVhK4tEPJRi7XtkcajnymsWVNazk%2BTSqECEBcXeOx79%2Fc0D%2B55vNdud%2F%2FuRvNzf3u%2B0wPv%2FrcXfvTQMtjQP0ej9ieT7cPrRj7327blV1UJpMeZQGIwc4sjLZGF7zd2CzJWQrm7dNxTNm4BfciVCAoletQPR10iyhBgt1Y64syxyFsQ0TUP2fVB2hELmLxERHRwpy3ZyQi8noq71c2RPXWo5eOyGfpPGwL1waUIJVNteNi1KhG6mMPZndCAd4JEVw2fSOdDvr4apnlnLagO7CmXSY0le3Fm1V6UwBiBeSli2ZKMFKxUGYkyQRoRhTEu%2Fx1jyzGfCqDx1WZXYJvFyeuP%2FFcRSGB%2FFXyEvrbgM1F78mn6R4SLwDc0Y7MlZVC5atdP%2FPSnWKwqGYUoq%2Ba9BZJd3NsDVGClucOOSEoOAVQrZmfCionC2OibmCfkqPJAqCeJKVmYIchOGsGpjCD9v5x92D393e%2Bg%2Fb%2FzxvHT2aPmSQNH11tZD2Aha1o1SGO45PT17U0St3UXVjgSltM1nJqTEfnh%2Bfdnd20z18mu2f0oDOk3qhmMiHe0k5hXm6nQdbhAefOH%2FopuLGRRrLWdOTpXV46mBesh60BpHBiwqMLWzN9IqLExokJMWDAQpquYbDDCqUrN3lxPmzj5fjUBQjgvbGQCZru2B5Cc4izQ2469IJczBNooPcG6ozsxV7d%2BXeUZQ5rkGU0rFQz9yhl%2Br05uTlpciFpXv6Ghp%2ByRp9woc0GNu046aufDL3ZuWuAtpI5X770SnjXwh%2Bk8kc1rN8cm9FCaEzl%2FdT395%2F%2Bx9X5Nh6&pcode-icookie=JcCl7odmx0W3J1HCHie98W0xwosq6bfh3ifMNMEJKBJtpoiUa1l7OngFPJKoIxS9NRTutbHAs7s5F67txcxkQNwtn4U%3D&disable-base64=1&duid=MTczNTI0NjAzMDUxOTczMjA2Mg%3D%3D&imp-id=1&ecma-version=es2017&charset=utf-8&test-tag=7696581395458&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fhd.lordseriy.christmas&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A420%2C%22win_height%22%3A236%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A420%2C%22h%22%3A236%2C%22width%22%3A420%2C%22height%22%3A236%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B3304576545368%5D Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1010--ce62c442-7970-477b-b74e-9fa906abdf48.stbid.ru
5266145921735246031421.cm.a.mts.ru
7452824949490489945-otm.ops.beeline.ru
8504670341735246031434.cm.a.mts.ru
9633794231735246031422.cm.a.mts.ru
a.adspector.io
a.lotus-dsp.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
ad.moe.video
ads.adfox.ru
ads.adlook.me
ads.betweendigital.com
aidata-sync.rutarget.ru
an.yandex.ru
avatars.mds.yandex.net
bid.adx.com.ru
catsnetwork.ru
cdn-rtb.sape.ru
cdn.adlook.me
cdn.instreamvideo.ru
cdn1.moe.video
cdn3.moe.video
cdnrtbsape.ru
cm.a.mts.ru
cm.p.altergeo.ru
cmr.bidderstack.com
const.uno
content.adriver.ru
counter.yadro.ru
cs.agency2.ru
cs.alfasense.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dsp.tigra.dev
ev.adriver.ru
exchange.buzzoola.com
gomatching.gomatching-54-prod.svc.cluster.local
hd.lordseriy.christmas
inplayer.ru
instreamvideo.ru
kimberlite.io
kraken.rambler.ru
match.new-programmatic.com
match.ohmy.bid
match.qtarget.tech
matching.mobilebanner.ru
mc.acint.net
mc.yandex.com
mc.yandex.ru
mediatoday.ru
moevideo-sync.rutarget.ru
mts-dsp-sync.rutarget.ru
nyfeljad.moe.video
otclick-adv.ru
otvet.imgsmail.ru
partnerabc.com
privacy-cs.mail.ru
prodmp.ru
px.adhigh.net
pxl.acint.net
redirect-frontend.weborama-tech.ru
redirect.frontend.weborama.fr
rtb.com.ru
rtb.moe.video
s.suprion.ru
sape-sync.rutarget.ru
sdk.adspector.io
sm.rtb.mts.ru
solta-sync.rutarget.ru
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.al-adtech.com
ssp.bidvol.com
ssp.hybrid.ai
st.top100.ru
stat.adlook.me
sync.adspend.space
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.otm-r.com
sync.programmatica.com
sync.rambler.ru
sync.techdsp.ru
sync.upravel.com
top-fwz1.mail.ru
vast.ufouxbwn.com
videotarget-sync.rutarget.ru
vma.mts.ru
www.acint.net
www.tns-counter.ru
www.vokrug.tv
x01.aidata.io
yandex.ru
yastatic.net
7452824949490489945-otm.ops.beeline.ru
ad.mail.ru
cdn.adlook.me
gomatching.gomatching-54-prod.svc.cluster.local
mc.yandex.ru
rtb.com.ru
sync.upravel.com
yastatic.net
138.201.139.144
142.132.138.212
142.132.138.214
151.236.71.248
158.160.0.94
159.69.59.100
167.235.10.90
167.235.14.51
167.235.9.235
172.67.140.221
172.67.161.189
178.154.231.214
178.170.196.9
185.149.242.234
185.15.175.144
185.175.47.157
185.65.149.228
188.114.96.3
188.42.189.197
188.42.196.115
188.72.107.156
188.72.107.205
193.106.93.124
193.232.150.149
193.3.184.211
193.3.184.43
193.3.184.47
195.209.109.11
195.209.109.27
2001:6d0:4001::226
209.192.201.68
212.41.28.228
212.41.29.35
213.180.193.90
213.248.44.211
217.199.220.43
217.199.220.72
217.65.2.150
217.66.147.34
217.66.147.35
23.105.255.196
23.109.14.96
2600:1900:4000:ea00:8000:74:8a0:d2d1
2606:4700:20::681a:7bd
2606:4700:20::681a:f1c
2a00:1148:1000:101:8:3:0:17
2a00:1148:db00::17
2a00:ab00:1103:3a:45:138:161:70
2a02:2d8:0:c00c::6
2a02:2d9:3:e::12
2a02:2d9:3:e::30
2a02:2d9:3:e::31
2a02:2d9:3:e::32
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8:a::a
2a11:27c0:10::182
31.172.81.146
34.248.19.126
35.190.24.218
37.230.131.16
37.230.131.76
45.139.25.118
46.148.230.54
46.243.143.249
46.243.172.93
5.101.37.37
5.227.125.249
5.255.255.77
65.109.111.89
78.140.242.74
80.66.90.75
80.87.192.36
81.19.89.16
83.149.14.208
83.222.105.230
83.222.14.222
85.198.116.135
87.242.127.163
87.245.192.100
88.212.201.198
89.108.120.76
93.189.58.218
94.103.9.201
95.163.41.54
95.163.41.56
95.163.52.67
95.163.84.7
95.163.92.180
95.181.182.182
0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2
0106b546c8e99146c94fceff7190c39d1173cca103f14a452f544f3bf91fe328
0298063828b5c9d2f0f8baf12593ca4c4fbc9b193262f2456fe5a81d5783f6a3
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03570a57ba8190569ca976df757bbfd9d8656c1b41ed7f66165b7986224bd280
04149c495a2051e6e2f5b49dd53abab124261f0acc25e747a802a9f06c097db7
070132d8a3321b799712a5a6bd48620d5e2e4f51d587a3d3de449846909b6f87
0a9ada3816b928d8804c5d1a27906fb9e88785e06808c3041b4b4b4be58f14c6
0cffc011b294fae437a7ae378d2151a37679f8cd669783be5e8bd2f6f7969aab
0e6bd065b74c14ba3dd35466bab123e22428d5e3abe21360eba38103ff5ca669
111bf260b56cb065ba84a68c9d57df82829e463d8315ce65ea8dbc810c54de59
14260743f30cb3820d3da47bcb4be3c6239ddae5132e54fe4a67fc324a2fb5b0
15a96c4dd53ac75387574a966d342e3be1b5abb54059a05ccb3aa8b630856321
18c0a1924323d5b71b7a9e450d9eda05b0b0bd677587493604ba2689398bb8a0
197e5ea552ab9934e995189eb90a28971d51d876c1fabf392f193576fe9bcc53
19f29336bc6d6025c25a2f442e645b04684b354307ad8e9c8b58d16c97f5c7fe
1c82f40d83012f64efaed45cb80e6aa206d7c89b8df0a8d41ea890cff5f8e3fd
1cd714df5d7333e18aff0910d25b5c0ba6a6775a4a51a0cb05c9488654919dc2
21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529
221e5096795c4a79c701a975be10e9ab5db2f097fd300367e601d51529dd562b
23446889b79196ed8d14de97b57659cd16246b93dbd9bd0b6b60836b62719dd8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26964643672f4a385d91af893803917177a49bd62cf45cff608d08b8868645c2
28cd520f20cc5e844bb66349b23f0f1b311df6b2e851c043959ba9508f17028e
29394a57a49c70f3856e2fa7ee7d32bc222339abd2f6ee6dc84d7694a835cf8f
2982ffa42e293e0c11e7b3a8df6b3606e377e9904081c4cdb309fd5749280839
2a8d3a7b303c6aa356f89ef4cb37dbbd6f939dc639630989f3fe3d4d0ceebd1a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c66d4d62eda1bf111a79e4e84dabeb596ba1262cc0f7e7b5283150f30147e78
2d6b347dfe5bacf35d249d6552d1722cddb95ce7ca212fa74c7847dce4406352
2e716815fb10807fb2f84dd112fd317c525de5c1b552cfe667dd4b9d1cdddcd5
31162a69308b2b73938db0d84b940a5eb6822189852de63c3c815b0a979f532f
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36e0686e3dc4ac5de38f9e28f004c2e61293f4c72c4a6c155cfcf199ffd39b0f
3836aa0bcae4ffa0697732c9580049ecb6b8fe493c49132e44e0b823567a1a80
3883d8944138bcd2285a14029a10199d7495ab94f2fd8700b52a31dc671d6735
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
4152910b13961b0102aa8bcf50d5f02c7def843989cfd0f146d98cc6baa4cec7
462b107a23105f2608c75b5e4e6e882c1e13436eeac18df326629d3b68767a82
479fb0d12a7b5f0127a4e8fa4fa9d2cf8414314a09d17af1fd2c40b78658b039
47b633f574ba3808c50e98ec47c7b766171f93371a31f171212ece807163513d
4a174dd347807975b4fb8c4ad873ee3a75ed3b99cfe15e02f37dd567d8dd1d75
4b6546145e061f52789243425d5c7f6539154338c487b1b6f86cf60c5ff84ebe
4ff4c830fb7709a20d5090e51b85edd2f2cfff075f7909776b270fcf795f4eb4
507ae2ad536fedbdef871bbcf3c477ea08103556fa18fa4544951185f65c2826
52fbd86060452e9d203e00d606c14c8740ad44a494cc73683690e17c0eda8a08
536c856f1ee19382b4e411fcd357b042ca60cdeed78b2d032b1f3d1a876e7045
53743a9865204a566c23e0b971798e07fb263f6fe3670cee74ba9734e9c991eb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5598496c0070ad6290337c4c0e51bede2a51b21d810110c58fe03b90b4bd9f8f
55e6afa88d53e690e0490409be3b9a9d3c71f3478d334e4102455bb9de8af38f
568c5fa6fe3fdf7eaa7df4d8e546eaec35e843774dd53e63f4ed551a48247b88
57f41bdc012e39837879ff5282bc7e8cb4fddcf42650fd418a082fabfc2cdd22
5d581c099566357c9246cc90a7a9779ed970c9ee70aaeecfe63edf8eaa2510e0
5e313ef02dec0fe222c481658d0fb2bf376eee64b9c39c392fa71fe830b862a9
5e33c0df06a8d97433f1aa2334d3f3c812cbe5359d3b13a59731e96380dca968
5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c
63396b72c1a757304b6bb0636913d23d5da199ecf035771db4a5bbd29af3f70c
636802e86fdebbd4c8d2372ed0637e601045e7b40c04f57eb391761b1f1b0d12
63f3c8dd098ed6e340deb2bfd4bd17a6ec0a33cc0bcff2bebbfb9214658f6671
6484b6ba0da1ddeed1cddbc5f51a925c9321fa6c256e7f1d5e6a4b470a7f61ee
68757ecc2c822ec174f9555b734fa6f139f6db60fcffd26195ac037ffeb0ad2a
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
69c12c737014a966e77027c3cc393a8ec11837757d890f05ec49c66c921c1066
69c73ae1002b0eb6463207cfa791e4e5425b95280b71e42232251de26e85df49
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9d30bd2b31fd3885980ddc7ce6fc2ec1f747d7bc3b36e02992d132f8f8ad0a
72773439ef31387a6261faff3ee08b3410f624e9992adfdb56c0702b1d73fe3a
73e706ef4a401d18c2d79f9b0c0ee7fc4e8746de089f5ee08f897090e8d84ad7
7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37
7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f
7c4e076001c994b8591665f3a10aec0f768de4db5afb65d152d9f547d15e57f8
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7dc4fe635252c2c68ab4ef4e00356db4f31403c3d3659333421114163ae288e2
7fd25a586b425c742f647b1a32f6811d99823e0facd8de31f8605fc00dab6825
80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0
825e10ab8fc9623184a11e0e73f0aefb1d82a8a8a62c7da9a0712ddbdefae52f
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
84f5b2ed96149ad405ee5c4064e6e135f5c7e271325472c6030dee0aec1f9ee3
8573f46e6870d78017527b67a6bb07c6555e90dcb8f067745d06784ce3ecc4fe
85f979c5e0786d55553569eaa11381d8a4031e21eed64af60bfba70fd855c935
8a177fb77ed883beb3d923c055508a3db8e4846458985ec2165b00a0d750ccda
8c82ce50da97302e1e7bb57a58f6334383c5c35f346369dc390635ae5b36664a
8cf7c94046adf8e0e0ac6d93bfff97ee4133e5d96c1f6227ca0d27dc64f6764e
8f27f5acf4fbe1b7827472d070dbc4a1f592213b81aa051351ec71c627139f20
8f35c48dfc83c0c4b52f5d9d6b6ea275bd84ed241a6ab366fff869204520f338
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1
9906da98130df81b6da1af0d217bd23615279ec824ab216cc2ce809a4d514e4f
9aed6621a0c694a733d18724966165110b5f6fc84790d10b42ec2523e53c11d2
9c3ca555649d677537dcfd5b315b6ec00f197fb0fe8d93f7c0e1507975e41809
9cd587717892f73a5c3afbde7d3b8e2db526e645003a1cd7679e5c40bb83b8e4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3fecb90e374236b529c6c74f813de68f5cb5d255cc343825e8ff53f0ae14021
a421a209ce3dbffc4eb6f2ff8259e5ad942cc8fd943287c5b0aa49e45726aeb5
a5dd191e6934984613b1581de31a429f38d1da866f22a058bc337d5659557089
a66f6f3302156b53ab658b1bffe3a331f4fce7ff25449208188cefbbaea54cff
a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9
ab0a4bc227c7ccada09a23cd6f504e48fa58c706830c0112717939ef9d33b246
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
ae2d1b77848448cd8b8415517eaa913063281b4ca88f1608ccc8341e5380d650
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b216c6486b54cece2b67e8ea186454221be15379675c0964416af71cb24829b9
b7a286cfd80d5b17b289151f1ae9adac07d41a6905c2f8f364d571196832d90b
b910bbbb27700d674b937a0989eb02cefdd26bea58dd4796a0382320f44952d1
b92b726bc2473d43af2279c01bcc9ec3f5deda614a7a172ded06a4d59a23dd95
bc6a7fa3d87f2303f1441693e8bdeb935c537fb5f952373314303b9aa22fabfd
c2c8995d7b2b8d058fcaff2f117c95b8558bb65cf1cdd3305dc24967abedbe2f
cae4b39663840ecdbe2c4083ec2051116a84b4273660c58320359c0f2fad4a56
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf736dd3b4c933471a0b3ec8bd86ae06a43696ea218247c028f81b286928a38c
cfebc59b947518831738d45d89d06299fda8433a1d0a4387882df0ee42676d59
d01f2aa3dc6b1429c0e4be0a5f9be0730e97ba7dafd531963d14852a9078f5fd
d5d3f27a8d3fe59aa6c8060a9ad0a381895f4cc51676e0ab57447603caa461af
d6134f2db27eee735c0883fd6476c4dd7d7331019755f2beedbbbc32802c03f5
d718128b47ed7b0d966cf4412577a48228794b67eeff61db113468dccba168f8
d75a5ae8cfa906a56ed852cb303f01968978daf562ad14da806f483cc35c6b6f
d82a51bd2514abfcb1aa576765133e3c9e68c8f98f2f1b9ab6a904c6809acb76
d9dbe74cf540c4cfc329a704fae9092273a28f29864d082c231b02939ea8a2f8
da321a8f8071a3654a264f38bc8475c4cbd907bea64c33af85c1a3a578642232
db0ad30560e4c9eaf2bcc11c571b22d0d85a1b13b6ee2ee2dbb1f3ee7282753c
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
db8e30aa07ec7666d6627c36d9e7de3bf6ac47d980c0b7df1b33b8327656c502
ddd50583ae386c6ff0a7f52b5a590ea3f53702cffc181128f35ecdf5050af4f0
df16275ce5a3280de569354facea42a4a2d2acdc270b19c54721e8149286e443
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa3fe443ce66fe8cf7cffb5b88870fd5ac8d1f630e13351b54fd14168fa18f
e5da36073140c816a2248e6bd5bea5f8ae669fc5ffe1f6bf90cc22d4f69c7b0e
e637494e34528d4f086e7cf84ef490d65f4dd075c8b83bcc53611898c63cde08
e641ebe9320b6d813faf70a54aa3902a7a61f53dcfff7efc88955ae459a21579
edd02b03525176a20dd93459f314c1f26e39097e70eac660d2e696d88d7cd8fb
eeb71e24caa5911a95336844bf2c58473ed117c5215b5c238f4c00b256ff52c0
efbe41e526cbbf9bf73db6aa626adda114759637e9a16f6f81667c375ddb698a
f1ce78cbd86acda1d046f3bf2da112ae3f193ab0790eb0e1c75bd25f33988006
f1db39b6771a9fbb95394aa916d09558442747821d5d9611c5235091737a1b77
f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a
f4f1ed7df1f4e0ef3c1b76edf432b83d4281fcff90abf35c9787113d24dcd78b
f720348a3824039e47b5ada6486b4880aa58f4cdee2898799984f025b61d8f35
f9ace719aab268fea2590b8a040a9816646150476aa10d95aac31abf60a64653
fa331b82ec7032bae6b10e0f8da001719b7f772dc37cdd3854f68f429bfa3af6
fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391
fd05299a610e78152f005ce7de9bfd5859d8fb1e5dddd9c130ff613fde24bf83
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

hd.lordseriy.christmas Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

421 Requests

78 %HTTPS

20 %IPv6

68 Domains

101 Subdomains

66 IPs

9 Countries

6956 kBTransfer

14545 kBSize

163 Cookies

0 Outgoing links

Redirected requests

421 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hd.lordseriy.christmas Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

421
Requests

78 %
HTTPS

20 %
IPv6

68
Domains

101
Subdomains

66
IPs

9
Countries

6956 kB
Transfer

14545 kB
Size

163
Cookies

421 HTTP transactions
0 data transactions