antiflood.russ-forum.ru Open in urlscan Pro
91.194.2.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://antiflood.russ-forum.ru/viewtopic.php?id=242
Submission: On January 09 via manual (January 9th 2024, 5:18:23 am UTC) from CA — Scanned from CA

Summary HTTP 96 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 39 IPs in 11 countries across 42 domains to perform 96 HTTP transactions. The main IP is 91.194.2.84, located in Russian Federation and belongs to RH, RU. The main domain is antiflood.russ-forum.ru.

This is the only time antiflood.russ-forum.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	91.194.2.84 91.194.2.84	51520 (RH) (RH)
1	91.194.2.83 91.194.2.83	51520 (RH) (RH)
1 9	178.154.131.217 178.154.131.217	13238 (YANDEX) (YANDEX)
3	5.255.255.77 5.255.255.77	13238 (YANDEX) (YANDEX)
3 8	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
6	151.236.127.209 151.236.127.209	204720 (CDNETWORKS) (CDNETWORKS)
2	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
2 4	104.19.232.122 104.19.232.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	188.42.189.231 188.42.189.231	7979 (SERVERS-COM) (SERVERS-COM)
2 2	194.226.130.229 194.226.130.229	52016 (ADFACT) (ADFACT)
2 5	194.226.130.226 194.226.130.226	52016 (ADFACT) (ADFACT)
2	104.17.107.212 104.17.107.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.19.206.5 37.19.206.5	60068 (CDN77 ^_^) (CDN77 ^_^)
6 7	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
4 4	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
4 5	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2 2	63.251.86.49 63.251.86.49	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
1	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
3 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
2	93.158.134.90 93.158.134.90	13238 (YANDEX) (YANDEX)
1 1	23.205.2.235 23.205.2.235	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.39.177.103 23.39.177.103	16625 (AKAMAI-AS) (AKAMAI-AS)
6 7	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.22.55.206 104.22.55.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6 9	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
7 12	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
1 1	54.85.196.91 54.85.196.91	14618 (AMAZON-AES) (AMAZON-AES)
1	54.160.195.52 54.160.195.52	14618 (AMAZON-AES) (AMAZON-AES)
1	63.251.86.51 63.251.86.51	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1 1	52.45.219.8 52.45.219.8	14618 (AMAZON-AES) (AMAZON-AES)
1	23.40.99.89 23.40.99.89	() ()
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.5.56.40 52.5.56.40	() ()
2 10	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	63.251.28.134 63.251.28.134	() ()
1 1	80.77.87.163 80.77.87.163	46636 (NATCOWEB) (NATCOWEB)
1 2	82.145.213.8 82.145.213.8	() ()
1	23.105.14.100 23.105.14.100	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	103.243.202.190 103.243.202.190	() ()
96	39

9 91.194.2.84 (Russian Federation)

ASN51520 (RH, RU)

antiflood.russ-forum.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bs.webtalk.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.2.83 (Russian Federation)

ASN51520 (RH, RU)

forumstatic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.154.131.217 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.255.255.77 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 93.158.134.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.236.127.209 (Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.232.122 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 188.42.189.231 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lbs-eu1.ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.226.130.229 (Russian Federation) 2 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 194.226.130.226 (Russian Federation) 2 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.107.212 (None, )

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.19.206.5 (Ashburn, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 476000398.ash.cdn77.com

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (North Charleston, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.210.53.219 (Brussels, Belgium) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.158.134.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.2.235 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-2-235.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.39.177.103 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-177-103.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 8.43.72.97 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.55.206 (None, )

ASN13335 (CLOUDFLARENET, US)

sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.90 (United Kingdom) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.16.156 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 8.43.72.98 (United States) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.196.91 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-196-91.compute-1.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.195.52 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-195-52.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.86.51 (United States)

ASN10913 (INTERNAP-BLK, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.219.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-219-8.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.99.89 (None, )

ASN- ()

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.160.26 (Jersey City, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.56.40 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.222.239.230 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.134 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (None, ) 1 redirects

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.14.100 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.100.rdns.racklot.com

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (None, )

ASN- ()

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	rubiconproject.com 15 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520 eus.rubiconproject.com — Cisco Umbrella Rank: 951 token.rubiconproject.com — Cisco Umbrella Rank: 744 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2989 pixel.rubiconproject.com — Cisco Umbrella Rank: 620	26 KB
17	betweendigital.com 2 redirects cache.betweendigital.com — Cisco Umbrella Rank: 27025 ads.betweendigital.com — Cisco Umbrella Rank: 2456 lbs-eu1.ads.betweendigital.com — Cisco Umbrella Rank: 72893	117 KB
10	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	5 KB
9	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	2 KB
9	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 3750	206 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 398 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 923	5 KB
8	russ-forum.ru antiflood.russ-forum.ru	82 KB
7	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 590	3 KB
7	tns-counter.ru 4 redirects www.tns-counter.ru — Cisco Umbrella Rank: 9177	3 KB
7	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1186 mc.yandex.ru — Cisco Umbrella Rank: 2266 an.yandex.ru — Cisco Umbrella Rank: 4780	172 KB
6	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 505 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819	2 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	3 KB
4	admedo.com 4 redirects pool.admedo.com — Cisco Umbrella Rank: 7847	1 KB
4	yabidos.com 2 redirects pixel.yabidos.com — Cisco Umbrella Rank: 12863	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	3 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	1 KB
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 6608	2 KB
3	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 998 ce.lijit.com — Cisco Umbrella Rank: 1432	2 KB
2	opera.com 1 redirects t.adx.opera.com	1003 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 11426	1 KB
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 809	838 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2913 vpaid.vidoomy.com — Cisco Umbrella Rank: 4332	20 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 12781	802 B
2	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 6026	248 B
1	toast.com cm-exchange.toast.com	638 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 1098	42 B
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2541	45 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1665	597 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	518 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 2123	672 B
1	sharethrough.com match.sharethrough.com	280 B
1	yahoo.net hb.yahoo.net	649 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1536	493 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 972	433 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 778	513 B
1	connectad.io sync-eu.connectad.io — Cisco Umbrella Rank: 6210	152 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1664	106 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321	187 B
1	webtalk.ru bs.webtalk.ru — Cisco Umbrella Rank: 890754	398 B
1	forumstatic.ru forumstatic.ru	559 B
0	andbeyond.media Failed cookies.andbeyond.media Failed
96	42

	Domain	Requested by
12	pixel.rubiconproject.com	7 redirects onetag-sys.com
10	onetag-sys.com	2 redirects cache.betweendigital.com onetag-sys.com
10	ads.betweendigital.com	2 redirects cache.betweendigital.com ads.betweendigital.com vid.vidoomy.com onetag-sys.com
9	cm.g.doubleclick.net	6 redirects onetag-sys.com
9	yastatic.net	1 redirects yastatic.net
8	antiflood.russ-forum.ru	antiflood.russ-forum.ru
7	token.rubiconproject.com	6 redirects eus.rubiconproject.com
7	x.bidswitch.net	6 redirects onetag-sys.com
7	www.tns-counter.ru	4 redirects antiflood.russ-forum.ru
6	cache.betweendigital.com	yastatic.net cache.betweendigital.com antiflood.russ-forum.ru ads.betweendigital.com lbs-eu1.ads.betweendigital.com
6	mc.yandex.com	2 redirects antiflood.russ-forum.ru mc.yandex.ru
5	s.amazon-adsystem.com	2 redirects onetag-sys.com
5	ups.analytics.yahoo.com	4 redirects onetag-sys.com
4	pool.admedo.com	4 redirects
4	pixel.yabidos.com	2 redirects antiflood.russ-forum.ru
3	ib.adnxs.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	match.adsrvr.org	3 redirects
3	sync.bumlam.com	3 redirects
3	yandex.ru	antiflood.russ-forum.ru yastatic.net
2	t.adx.opera.com	1 redirects
2	pixel.tapad.com	1 redirects
2	pixel-eu.rubiconproject.com	1 redirects onetag-sys.com
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	an.yandex.ru
2	x01.aidata.io	2 redirects
2	creativecdn.com	1 redirects vid.vidoomy.com
2	ap.lijit.com	2 redirects
2	pre.glotgrx.com	antiflood.russ-forum.ru
2	ads.adfox.ru	antiflood.russ-forum.ru
2	mc.yandex.ru	1 redirects antiflood.russ-forum.ru
1	cm-exchange.toast.com
1	image8.pubmatic.com	onetag-sys.com
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	cs.admanmedia.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.sharethrough.com
1	hb.yahoo.net
1	sync.ipredictive.com	1 redirects
1	ce.lijit.com
1	match.prod.bidr.io
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	sync-eu.connectad.io
1	secure-assets.rubiconproject.com	1 redirects
1	cm.adform.net	ads.betweendigital.com
1	pixel-sync.sitescout.com	ads.betweendigital.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	vid.vidoomy.com	lbs-eu1.ads.betweendigital.com
1	lbs-eu1.ads.betweendigital.com	ads.betweendigital.com
1	bs.webtalk.ru	antiflood.russ-forum.ru
1	forumstatic.ru	antiflood.russ-forum.ru
0	cookies.andbeyond.media Failed
96	54

This site contains links to these domains. Also see Links.

Domain
bit.ly
q.gs
gestyy.com
lnkload.com
bc.vc
gigapeta.com
filecrypt.cc
nitro.download
rapidgator.net
russ-forum.ru

Subject Issuer	Validity	Valid
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-10-26` - `2024-04-24`	6 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2023-08-22` - `2024-02-01`	5 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-16` - `2024-03-18`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2023-12-18` - `2025-01-18`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-11-28` - `2024-12-25`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2023-07-10` - `2024-08-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Frame ID: 6431678E5E66E7AFD21784BF325D98EF
Requests: 38 HTTP requests in this frame

Frame: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Frame ID: 8725ED11A73C06CF507245CB7F0A23D6
Requests: 6 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=975da903b43854d2b5d0067bdde59d6e
Frame ID: 10EBDED66624899E90923C9C7FB28813
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0682144f-8469-5209-a7b1-9277c22d456e&CACHEBUSTER=263589
Frame ID: A09B9D71D0883588733A069C390A6287
Requests: 9 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Frame ID: CDA9AA641692D4F5409589F346C9D073
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 183A20214DB26A70ADB73038EA24F47E
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 10F8137ADD5BD3750372EBD2D415EF61
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DEHASHED - DATABASE - COLLECTION - | - 240+ - DATABASES - | - EMAIL:PA

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

96
Requests

42 %
HTTPS

0 %
IPv6

42
Domains

54
Subdomains

39
IPs

11
Countries

633 kB
Transfer

2131 kB
Size

62
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.ly/_brave_browser
Title: http://bit.ly/_brave_browser

Search URL Search Domain Scan URL

URL: http://q.gs/19214853/240-dehashed-database-collection
Title: http://q.gs/19214853/240-dehashed-database-collection

Search URL Search Domain Scan URL

URL: http://gestyy.com/eeM3qb
Title: http://gestyy.com/eeM3qb

Search URL Search Domain Scan URL

URL: https://lnkload.com/2sTnY
Title: https://lnkload.com/2sTnY

Search URL Search Domain Scan URL

URL: http://bc.vc/wHBybDq
Title: http://bc.vc/wHBybDq

Search URL Search Domain Scan URL

URL: http://gigapeta.com/dl/9324469a06c733
Title: http://gigapeta.com/dl/9324469a06c733

Search URL Search Domain Scan URL

URL: https://filecrypt.cc/Container/E32FE439E4.html
Title: https://filecrypt.cc/Container/E32FE439E4.html

Search URL Search Domain Scan URL

URL: https://nitro.download/view/541CA0BDA25CDB5
Title: https://nitro.download/view/541CA0BDA25CDB5

Search URL Search Domain Scan URL

URL: https://rapidgator.net/file/88ba7c5913a57591c3abed7105682fe7
Title: https://rapidgator.net/file/88ba7c5913a … 7105682fe7

Search URL Search Domain Scan URL

URL: http://russ-forum.ru/
Title: создать сайт-форум

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 20

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.wuqA1h23WFD3_L7LkrR9BTuUISzzWXYMQwRhyE937T1n7kouM4IVUX9EykQU6U_M.gz21gCDjrgByidqgkItX30Y6GMQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10243.KAlWeZvQGi15DaQfpmNTgXXL7BEWMzmwErf6F6EnBLhLpy3DHFUwVH6QC2uNMqa12kctxsN7W5ZvF01axigFlFgN6nG4rQQ9hi8qh2gQiRmcCOk6S3TGcVj9X7ieQKM2gslUJN-02de8-CG9gRlQLlFftgT-SAbL0coRjiXR37jT4GzLJX-tyYgSETvLMcxrMUuLLHJqYYFijbgk83po6eNwvVQ2EJAsuo86s1HyFa4%2C.7yOwQrDwnqvqRhW-VcGgiZDCRWc%2C

Request Chain 27

https://mc.yandex.com/watch/201230?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1535373484471%3Ahid%3A699382084%3Az%3A-480%3Ai%3A20240108211816%3Aet%3A1704777496%3Ac%3A1%3Arn%3A19464611%3Arqn%3A1%3Au%3A1704777496579099507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1471%2C18%2C354%2C142%2C0%2C0%2C%2C1174%2C8%2C%2C%2C%2C3162%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1704777492581%3Afp%3A2721%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704777497%3At%3ADEHASHED%20-%20DATABASE%20-%20COLLECTION%20-%20%7C%20-%20240%2B%20-%20DATABASES%20-%20%7C%20-%20EMAIL%3APA&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/201230/1?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1535373484471%3Ahid%3A699382084%3Az%3A-480%3Ai%3A20240108211816%3Aet%3A1704777496%3Ac%3A1%3Arn%3A19464611%3Arqn%3A1%3Au%3A1704777496579099507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1471%2C18%2C354%2C142%2C0%2C0%2C%2C1174%2C8%2C%2C%2C%2C3162%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1704777492581%3Afp%3A2721%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704777497%3At%3ADEHASHED%20-%20DATABASE%20-%20COLLECTION%20-%20%7C%20-%20240%2B%20-%20DATABASES%20-%20%7C%20-%20EMAIL%3APA&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 31

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 32

https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU=&tagType=adi&w=970&h=250&s=3898134&jst=ai HTTP 302
https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723

Request Chain 33

http://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674 HTTP 302
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674

Request Chain 34

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 35

http://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240 HTTP 302
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240

Request Chain 42

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2f6de1c0-2108-4eee-bf99-c5ab28b5aed5&user_group=1&ssp=between&bsw_param=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d

Request Chain 43

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1yNi45VERSRTJ1Rlk2anVWT2FDcTNKMklkb0VIVmxTZXNEQ2JHY28tfkE%3D&gdpr=0

Request Chain 44

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=H9fehLZHCjY2WneqQc-Nl6II

Request Chain 45

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2f6de1c0-2108-4eee-bf99-c5ab28b5aed5&user_group=1&ssp=between&bsw_param=649b7b2d-b28a-4919-a971-895c0e65d01d HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d

Request Chain 47

https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1

Request Chain 50

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARibrvOsBqIBEIBVuEKurhHuhuAAJZDAZHw* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8055b842-aeae-11ee-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8055b842-aeae-11ee-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cS42KcNMHQViTnyi4jliOw& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/8055b842-aeae-11ee-86e0-002590c0647c

Request Chain 52

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 56

https://x.bidswitch.net/sync?dsp_id=429&user_id=0682144f-8469-5209-a7b1-9277c22d456e&expires=60 HTTP 302
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=649b7b2d-b28a-4919-a971-895c0e65d01d

Request Chain 57

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=LR5WIANK-1A-GRY6 HTTP 302
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LR5WIANK-1A-GRY6

Request Chain 58

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR5WIANK-1A-GRY6

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHu82DaCiEggfAhYNhv_-vo&google_cver=1

Request Chain 60

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IU332J0QSXqQSw5AZICSaQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IU332J0QSXqQSw5AZICSaQ

Request Chain 61

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LR5WIANK-1A-GRY6&ex=d-rubiconproject.com&status=ok

Request Chain 62

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI1V0lBTkstMUEtR1JZNg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm=&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_tc= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGl3PzhXdmImi4C_8AAEgqY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_push=

Request Chain 63

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg&google_tc=

Request Chain 64

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=&expires=30

Request Chain 65

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6Be27U_HRsCMlqV7X-JP0w&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6Be27U_HRsCMlqV7X-JP0w

Request Chain 66

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/20-zouFuwEz45HVorlQPXsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.2qOpdFE2oJvL3vJ2ozj28anQpGGSwqu1WtA7Q--~A

Request Chain 68

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LR5WIANK-1A-GRY6

Request Chain 69

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=183ab630-a268-41e1-be2a-627e1994fc0f&expires=30

Request Chain 70

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR5WIANK-1A-GRY6&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR5WIANK-1A-GRY6&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JUnJEYi5oRTJ1SGFhMF85LmREbE8xZVBFT1VHOHc5MH5B&ovsid=LR5WIANK-1A-GRY6&dpid=58160

Request Chain 71

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6

Request Chain 72

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR5WIANK-1A-GRY6

Request Chain 73

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR5WIANK-1A-GRY6

Request Chain 75

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=58b4659c-d71e-4b00-b1fd-06e07265292d&gdpr=1&gdpr_consent=

Request Chain 77

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3354521958728782115

Request Chain 78

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=183477df2d9bbdf41717537b917479e4&gdpr_consent=&gdpr=1

Request Chain 80

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=1&gdpr_consent=&ccpa=&coppa= HTTP 302
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d2114be-4c4b-49f5-8a66-c0c677c68e6b

Request Chain 81

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440 HTTP 302
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU34758a10829c40368f5ca774d1c2a110

Request Chain 82

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjOyoS_xYGFD-ofKVbeogIRiFrWWPrLVp6Q

Request Chain 84

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJYO0Y97u1vdqHHytobDArk&google_cver=1

Request Chain 88

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=

Request Chain 91

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F0682144f-8469-5209-a7b1-9277c22d456e HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/0682144f-8469-5209-a7b1-9277c22d456e

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request viewtopic.php Show response
antiflood.russ-forum.ru/ 34 KB
11 KB 1845ms
354ms Document
text/html 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7987077043972a4a43260142146bc486fda7dfbf5d16732235d1e5ad8806adda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Tue, 09 Jan 2024 05:18:27 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK libs.min.js Show response
antiflood.russ-forum.ru/js/ 146 KB
50 KB 329ms
311ms Script
application/javascript 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/js/libs.min.js?v=2
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 81949b2be13a2a0228493826591ce556af4a0bf7d3bcc9d64c7847689e56cbad

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 05:58:18 GMT
Server: nginx
ETag: W/"60a205fa-24703"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK extra.js Show response
antiflood.russ-forum.ru/js/ 4 KB
2 KB 286ms
269ms Script
application/javascript 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/js/extra.js?v=1
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 98272bb3373b63c2d7d6ed02ae5de67a3c0daedc00cd179c1758760893c3a12a

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Apr 2021 06:46:37 GMT
Server: nginx
ETag: W/"606c03cd-1115"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Classic_DarkBlue.css
antiflood.russ-forum.ru/style/Classic_DarkBlue/ 29 KB
6 KB 323ms
307ms Stylesheet
text/css 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/style/Classic_DarkBlue/Classic_DarkBlue.css
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3cb3d7f4d14828076ddb8aead0f74ac08466fc96ec55a4b723553fc4be96a30b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Aug 2020 14:19:06 GMT
Server: nginx
ETag: W/"5f4d06da-7554"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK extra.css
antiflood.russ-forum.ru/style/ 21 KB
6 KB 322ms
306ms Stylesheet
text/css 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/style/extra.css?v=15
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 61f5c45b0da75728f320d18fc22c407a8f88e78efb78c66401327722c184ca1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 08 Apr 2023 11:22:10 GMT
Server: nginx
ETag: W/"64314e62-5496"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mobile.css
antiflood.russ-forum.ru/style/ 12 KB
3 KB 321ms
305ms Stylesheet
text/css 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/style/mobile.css?2
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: a68819ed3c9b8f3bfa4c44559004d209514a994e8809d741edf07b5102f7a779

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Nov 2021 18:38:42 GMT
Server: nginx
ETag: W/"61803432-3040"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 40861.js Show response
forumstatic.ru/files/0014/ef/99/ 257 B
559 B 321ms
299ms Script
application/javascript 91.194.2.83
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://forumstatic.ru/files/0014/ef/99/40861.js
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.83 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: d0603690f55001054a0a7087b8dc5107842b913c5d461ff1f5f70bd54bffa8aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 09:21:32 GMT
Server: nginx
ETag: W/"6082919c-101"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

345 KB
97 KB

494ms
171ms

Script
text/javascript

5.255.255.77
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

bb03fcf91c0e0f07b5fd9a0a2e934bbcba5d1026fdd2631e3ded76c8a8bc098c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1704777495187314-14449732690567358173-balancer-l7leveler-kubr-yp-vla-42-BAL-8210
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 09 Jan 2024 06:18:15 GMT

Redirect headers

date: Tue, 09 Jan 2024 05:18:14 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H/1.1 200
OK Classic_DarkBlue_cs.css
antiflood.russ-forum.ru/style/Classic_DarkBlue/ 18 KB
3 KB 167ms
167ms Stylesheet
text/css 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to

Full URL: http://antiflood.russ-forum.ru/style/Classic_DarkBlue/Classic_DarkBlue_cs.css
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/style/Classic_DarkBlue/Classic_DarkBlue.css
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: a21299cb36e0593cad6d873ad7b37fdf17f94eb26e7a8117b5967e82e10e9fb9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/style/Classic_DarkBlue/Classic_DarkBlue.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2016 16:42:25 GMT
Server: nginx
ETag: W/"582351f1-49aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 618ms
304ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Tue, 09 Jan 2024 06:18:15 GMT

GET
H/1.1 200
OK vc
antiflood.russ-forum.ru/ 43 B
294 B 161ms
160ms Image
image/gif 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://antiflood.russ-forum.ru/vc?1763703;0;0.1692440243190716
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/viewtopic.php?id=242
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:28 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 08 Jan 2024 05:18:15 GMT

GET
H/1.1 200
OK c
bs.webtalk.ru/ 35 B
398 B 444ms
273ms Image
image/gif 91.194.2.84
RH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bs.webtalk.ru/c?pk=040e14791c833c21e9cd88043168e3de0691d2d3&r=659cd72370dd08.92687146
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 91.194.2.84 , Russian Federation, ASN51520 (RH, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:28 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="PSA OUR UNI COM"
Content-Type: image/gif
Cache-Control: must-revalidate
Connection: keep-alive
Expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 ae84bbbd1296b7622b03.js Show response
yastatic.net/partner-code-bundles/937691/ 14 KB
5 KB 115ms
114ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/ae84bbbd1296b7622b03.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

1d490f8ba764274bfd0c05c9f08a47fad09e3acdc610277ae758b2110c2fc487

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4774
last-modified: Wed, 27 Dec 2023 15:52:52 GMT
server: nginx/1.17.9
etag: "d032afca6659f91e6050d3a7cb7732d6"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:54:02 GMT

GET
H2 200 a6a4b083a73f3d813a26.js Show response
yastatic.net/partner-code-bundles/937691/ 24 KB
8 KB 138ms
138ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/a6a4b083a73f3d813a26.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

37f1e1ddc606edbc65252667c8328137f6368e4cf3cbd3ceadf6c363497f0fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7948
last-modified: Wed, 27 Dec 2023 15:52:51 GMT
server: nginx/1.17.9
etag: "305febfe1dae5f2a6de6e886de7f106e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:54:00 GMT

GET
H2 200 a92bedce4b45bc60c7b9.js Show response
yastatic.net/partner-code-bundles/937691/ 118 KB
25 KB 218ms
218ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/a92bedce4b45bc60c7b9.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9aff1e9197e4b9d23668b36be6c8e6d2bc239190eeb664fc1d9d18a50f492b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24647
last-modified: Wed, 27 Dec 2023 15:52:52 GMT
server: nginx/1.17.9
etag: "d069730651ed399a08217baa025aa8ea"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:54:00 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 260ms
260ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:50:17 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 302ms
302ms Font
font/woff2 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: fd53095382a8a1de
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 11:03:29 GMT

GET
H2 200 d053ed1897419218e52b.js Show response
yastatic.net/partner-code-bundles/937691/ 59 KB
15 KB 337ms
336ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/d053ed1897419218e52b.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

c5c850074a6028d74f3e9165024b599bef1d198d41cd69332583bfdedb65d2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14823
last-modified: Wed, 27 Dec 2023 15:52:53 GMT
server: nginx/1.17.9
etag: "372eddc8968904725578a902d2d6e3d7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:53:57 GMT

GET
H2 200 4c9a181cc3ad10f671b2.js Show response
yastatic.net/partner-code-bundles/937691/ 591 KB
113 KB 361ms
361ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/4c9a181cc3ad10f671b2.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

865e11124af5c3ef37d096e3e7bcd203b405cfe8ccb50a96e853c632f35f073c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 115418
last-modified: Wed, 27 Dec 2023 15:52:51 GMT
server: nginx/1.17.9
etag: "347ed7d6e2fd1edc6d55a36b22981099"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:53:58 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/260971/getBulk/ 2 KB
2 KB 553ms
227ms XHR
application/json 5.255.255.77
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/260971/getBulk/v2?pr=3526580877&pr1=2567988815&dl=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&prr=&extid_loader=&extid_tag_loader=antiflood.russ-forum.ru&date=2024-01-08T21%3A18%3A15.700-08%3A00&pd=8&pw=1&pv=21&pdw=1600&pdh=1200&ylv=0.937691&ybv=0.937691&ytt=401871499952133&is-turbo=0&skip-token=&ad-session-id=2535201704777495704&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1200%2C%22h%22%3A250%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A800%2C%22top%22%3A274%2C%22sspInfo%22%3A%7B%22deviceSizeSsp%22%3A%7B%7D%7D%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&pcode-version=937691&enable-flat-highlight=1&p1=cktdp&p2=fsgt&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=913082%2C0%2C69%3B909919%2C0%2C42%3B920185%2C0%2C18%3B929673%2C0%2C51%3B917806%2C0%2C73%3B928664%2C0%2C45%3B931546%2C0%2C97%3B917803%2C0%2C3%3B892904%2C0%2C74%3B937598%2C0%2C78%3B936317%2C0%2C2%3B923613%2C0%2C64%3B925138%2C0%2C44%3B912285%2C0%2C76&pcode-flags-map=eJy1Wtty2zgS%2FRc9J1neL3mDSJDCmiS4IGhbSU2hNIk2411fthxnZjap%2FPt2A6Akyg4UJ7N5cCRFfQj05fTpdr4szsmghhW%2FUKRUDVnSRlVcKNapJek6Khav335Z%2FL65%2FrRdvF5IMdLFi8XD9uMDew%2FvkyQMo3Tx9ZcXe5he8HIs5KB4p3oyDtSJkPp5FBqEkg1k2VBV8LGTStCSCVpIOAnpezdG4EVRsDsFPFK1YyOZ4E0DaJ3EF1SoCyKLFS2VZC1VvKoGKt24YeCl%2B9sJKsUab9VRecHFmaJCcLd%2F0jiJ0nyHAE8vzsDJaz5KNTQcfrA3VC3hwiURjA5usDTzI1%2BD4Q0QoxdUX3J%2F3XNWUq7sv8%2FgfA%2F%2BzPDyME%2B9E3jLsarAdbTt5Vo1rGXHoM9GPO8JK%2F%2F6E1YjvP5R1A5z9S8%2B6Tcwfyo%2BT2P%2B%2Fzzwo9HHZK8FWaqGdrVczYygWLNDs8zLvDTamdFOk4AUBErlnA0jaQyvICvRS0lFB5%2BUg5sSMj9IvB8A1R8MpKKqEqR1U5d%2BhqEHIZBnBvgGEBY8UCKZ9gQhAHvQqGQsGVeFoESy8xOlnkVe4Me7409BkhxIaJBESKShigl4ULEauzNVEdbMEON5xLMoSIM9IJESYzo8BzF0AcJdgXWLhlGg7obW4E3WVVxdrJhm9O6cwiNM8qN%2FTtw%2B9rLsgHe7EpKQLNEFpEQkNsAHo2jw0Bd0yU95M%2FWiPQvXFO44DpK36rwl%2Fc6756QZ5xFPjuomS%2BIw2TcaWgBEIYlJmpY0jfsYaRZF0WNrbakumFwpCbn4HIwpdu0ooa%2BBMx63pHhmnge%2Bl2jzAbyqbMstMV3luqfY9nt%2BQQWtKlZAMIv1DGz753%2FmcLPSJWU5VVpPamixvWRQFaYQMNW0uxvWnbnvmOe57XNTO%2B%2BolidT8WDoXefKfQ80gUboC17Sn8QYgBeAOrqhIehmiFtPOrgZwLkRsiQLdgiaFvAgawL5fKlI5zQO%2FMT3Zk5YjooVmPA6UzgHknaTYB76Wbiv0YpBmvXjsmGFIgOIn%2BF5nJqHURYks2hLyD9WHkT4ZHDzMEm8fXAhfTFdoKYHcOjMEr7pB%2BHcFnpFPNOKViMWg3A5M859qBttqHubUbZq7FjFIKCsAw9UpKBujCywYhAzCSoEim%2BlGl6zwmWXQAySaHZoCKaA%2BuikFYTYuAfIS9qp4SgGj8By35Z%2FgaTBu4kcK7iCYrppwZlISZ2pmaRZnhhGxMyqQHt2ZbM2TQ9J4Fhyu%2B2XZ1rImnwyJA8YUCdL7kbJI9tAEaWhUJ6A0DptkixKTP4cuK0WINRKOpxJ7j53lkR%2BeOg%2FTZjQpgDkAK8DaQ6lVrF6hDkEKg%2FnkYICbTjdmvpelMaTIjBpIkfR2fBAe4Roy5XgY71yVknq%2B1PHasibtY6o0lR2aPZl8c%2Ftw7vf2s39h6vbxWs%2F9l4sbu5%2BvbreDu8211e3Hxavg68z1Bhy2BBSi23jHyMdKRBAr5YNKqOGzTvz28XN5ur61f0nONt%2FN7fvt3%2FC679d3Ww%2BbD%2FOPvqwudGfvP%2B8vTVf3%2Fx%2B9XBnXt68Onjz%2FvbKforIOwT44H7z%2Bfru82%2F2nz%2Ffm78%2F3W9e3W7%2F%2BPjoC%2F%2Fa3N1cadNfnr5iZ2i%2BpaLGnyUjSpJ6cMYvDAKbXLosKMQe2kWh25jbMA49S%2FWgLkpaEeAZ0wW7sV1SJz2lsR9a4awHZj3yYv%2BEGZwWpiJBtDLgjhMwqRfv%2Bg0pW2SnWlMOKyvyOLwzz2VxnNuGM6vgw7qQfCxWpjoaPugTGgEi6N%2BBh09UBxRfZGTdGnohhKcwLl42HJIPKhjUoqRPZKF4yV4GUe7D6PDSB8jD98HR%2B%2FDofaTfk5dBDGNQGoD94a0zL09809MqBj25JL3OGjOXj7VT%2FfhxFEcH5YTCkrUYc%2FS%2FyT8nQOxHuQGoBogVh%2FGDXbotwtDyl01vSE4cZpA2idbwuO%2BAlg4Z341uqCi3%2BmZFRKllkkEZIH8lKVZOayiVJNl1w7qXClKE9fKUkb2vbrl4BY7KwyaD7lt69XSiDWYgO5PwCSCrbnoi3aff2%2B%2BXTi2WjJHy86e%2FzXOklTR4kYP7Iy9MXiRhDkwfxrNUyoAC8hmoHYRQtP0cbmi8ZsU1Zheq9wLi5lbSWZza7Ba05ZguQApLJ5VlWRLYplwNU0%2BdBgUFBapaglMCpLl7NPC9LD9BJ3qUK1B6ck0qKCkFq1fwCq7X0EqaWZwACZ94WBL4NhtHgT7HMnTfE2yycMeWtpxqQ3NYQFoiOyW658WxdxiYac7lPYAIuQQtRBQogeqIz6bAA9oU%2Bhkr5V6Q5OY%2BRiHiCQWFdg0jxHKt3zL37OGlvhUQ%2BsualcBSYKXY1WyNbWHmo7dhAnZePj8LCF9vygdBLyDpqJkW3fNL4HmG7K3aZp1%2BJPY30tiiBY%2FzJahh8BqQAByO1s6BE1Bju%2Bm1wnc3WempCLkINxs4qLlxwiDeT0a7ZTfA4UDkJB%2BwjeJsTh5a2GnBiAR6PMk8AohDm3nojAlkWkMgU5S8GFscECan7NzkBsbFiUuVV9BkxKmxFTqlf6pyEX%2B3NtLahDVM7o7pxA%2B9OLM7CNQ2JUdCcVv4wGPGYsXHpjSrTu114%2F9pptfT2OE5gb9Y3e1nElnPiWRzfa3u7q%2B2tw%2Bbh6u7W%2FXu%2Burdvze%2FXm%2Fnzw9hlj98vq33xw%2BaDUDHD3t0rR3skaMt%2FLQhOgViqa98MwXmjDZUnkpCP5u6lVWrkHyQbhQG%2BeMaPQjwLiHpZdGMoBlaQU5QEYy%2FdpdpDgcqgZ%2Bhy%2FC8u4e6IVIv3%2B%2BZEGYFHQI7LOvObPnpHWspx%2B5E9qWBrV69OETZCSm8Ym6qD1Mo%2Br207vsVB84ZxmUtSO%2FUGmAa%2BdG0ciP0fPZl4Bp%2FvjMKvad2Rh0qM9zuS7g0NkfIN623jrnm3e3DvA%2FkuS1mUlb8UrFBd9oTAguUoW83LWRYd4WdFLGllUQSrdTmj324ntvnSRo%2BmjT3s6xG%2FQGEEkiyw1XRvm88B%2BrwMkc1B5CsO8qC7wOaVjDf65FDW9sU0bEWRh%2FrR04BEM8Iy6Ep%2FqbGnQ3fODuTxvtK59bPuO7ZafXoICXth%2B%2B0xYLqyVo3WC1lBcw8JsskO5qxj1H8NLML9F7wVufPd1oGWWL3gEeZp38RpX8JQDWnQFav9Q7ODqNOVGiNUfLNW528ynwIumAliCiQvZJ1tdM4A3fa368hT%2BmtqrpkhLfs0CyaE2GcZ0cmVtSeINBDO02Jou13%2F0FgmBSU209J6Kdzrb7f4puJai77ZssR0HyJnbttyq5GckGZFfin5FSIx%2F%2F6P4BdxRk%3D&pcode-active-testids=929673%2C0%2C51&use-server-side-rendering=1&pcode-icookie=MIqOIDbDS4ODkfUnIkVHsOqvIH39bnson4Kc1e6H0BWmggTHJ%2FmE2PN7o3CPVnuyvK23BDhfClCGD20HuEsxYbt%2F2UE%3D&top-ancestor=http%3A%2F%2Fantiflood.russ-forum.ru&top-ancestor-undetermined=0&grab-orig-len=680&grab=eyJncmFiX3ZlcnNpb24iOjJ9CmKrPpEkz_MC6tIo0qpkEauX_SPbov1blE6b54nlm2RKejZt3i7m_RMcuCaxaVt67hOfPdng4OD2ZV07NbeufTVav3L5G5NBtyl0BnNyJtMm2wg2hbFQLFgqlcEi02BBLzjghdngUCDgvilChAFn06iIMHYf4mQf4ogVDWLrRiFJeZq5eg-W-2kWr8vvb-rFQOJi-xQ5WRZXsDU_3YdGS_5qzhMhVNJvikD8hwkdw0RCmUYl-lmTMb-GNNWYnoi6bXtt2p2COIZVDjUTBzDLmWySTPqoW00Y6AOjnX_zSkxb_Krl5D1R6tvPGYSrJBMnRz1yzsj70ZBb90pNzU5XJnyO0ehDii-71znOcNmpE_aGMMBfX2MLW_AxyOpMlVT06pwAV_YuZ4KZGdPVkj6sUS5t-S5a0KP6eGsngvPh_OFetT54vjNlWWNqfG9Qrxd_jjv8X2rUS4J6H3JGk-sgHf3nkoB6dHhv7_aSMDkqxfQApK0k6IitToFUn3MQAuVeReY2EJ_NZQD4CcYRAkTCOMaNzW0w-at_R0BZZG5tc8liQQKeT7Wh4qsrfA2gFJzmkq7lXbMLMekNeJRnDT-1D47AxVh_dYdcrtg0U7HdrKha0WOH0MfbEubGRN04yJtHXNELeRKAVwlJAvo%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

a642b215b08c4d38539b6e89fc073a0b37c073b0e93e945f7d572e837ba8091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://antiflood.russ-forum.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 05:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1704777496126810-3713256071513643853-balancer-l7leveler-kubr-yp-vla-74-BAL-1489
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 09 Jan 2024 05:18:16 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://antiflood.russ-forum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 Jan 2024 05:18:16 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/260971/getBulk/ 2 KB
1 KB 549ms
245ms XHR
application/json 5.255.255.77
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/260971/getBulk/v2?pr=3526580877&pr1=2121291040&dl=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&prr=&extid_loader=&extid_tag_loader=antiflood.russ-forum.ru&date=2024-01-08T21%3A18%3A15.734-08%3A00&pd=8&pw=1&pv=21&pdw=1600&pdh=1200&ylv=0.937691&ybv=0.937691&ytt=401871499952133&is-turbo=0&skip-token=&ad-session-id=2535201704777495704&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1200%2C%22h%22%3A250%2C%22width%22%3A1200%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A200%2C%22top%22%3A1277%2C%22sspInfo%22%3A%7B%22deviceSizeSsp%22%3A%7B%7D%7D%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&pcode-version=937691&enable-flat-highlight=1&p1=cjcpx&p2=fsgt&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=913082%2C0%2C69%3B909919%2C0%2C42%3B920185%2C0%2C18%3B929673%2C0%2C51%3B917806%2C0%2C73%3B928664%2C0%2C45%3B931546%2C0%2C97%3B917803%2C0%2C3%3B892904%2C0%2C74%3B937598%2C0%2C78%3B936317%2C0%2C2%3B923613%2C0%2C64%3B925138%2C0%2C44%3B912285%2C0%2C76&pcode-flags-map=eJy1Wtty2zgS%2FRc9J1neL3mDSJDCmiS4IGhbSU2hNIk2411fthxnZjap%2FPt2A6Akyg4UJ7N5cCRFfQj05fTpdr4szsmghhW%2FUKRUDVnSRlVcKNapJek6Khav335Z%2FL65%2FrRdvF5IMdLFi8XD9uMDew%2FvkyQMo3Tx9ZcXe5he8HIs5KB4p3oyDtSJkPp5FBqEkg1k2VBV8LGTStCSCVpIOAnpezdG4EVRsDsFPFK1YyOZ4E0DaJ3EF1SoCyKLFS2VZC1VvKoGKt24YeCl%2B9sJKsUab9VRecHFmaJCcLd%2F0jiJ0nyHAE8vzsDJaz5KNTQcfrA3VC3hwiURjA5usDTzI1%2BD4Q0QoxdUX3J%2F3XNWUq7sv8%2FgfA%2F%2BzPDyME%2B9E3jLsarAdbTt5Vo1rGXHoM9GPO8JK%2F%2F6E1YjvP5R1A5z9S8%2B6Tcwfyo%2BT2P%2B%2Fzzwo9HHZK8FWaqGdrVczYygWLNDs8zLvDTamdFOk4AUBErlnA0jaQyvICvRS0lFB5%2BUg5sSMj9IvB8A1R8MpKKqEqR1U5d%2BhqEHIZBnBvgGEBY8UCKZ9gQhAHvQqGQsGVeFoESy8xOlnkVe4Me7409BkhxIaJBESKShigl4ULEauzNVEdbMEON5xLMoSIM9IJESYzo8BzF0AcJdgXWLhlGg7obW4E3WVVxdrJhm9O6cwiNM8qN%2FTtw%2B9rLsgHe7EpKQLNEFpEQkNsAHo2jw0Bd0yU95M%2FWiPQvXFO44DpK36rwl%2Fc6756QZ5xFPjuomS%2BIw2TcaWgBEIYlJmpY0jfsYaRZF0WNrbakumFwpCbn4HIwpdu0ooa%2BBMx63pHhmnge%2Bl2jzAbyqbMstMV3luqfY9nt%2BQQWtKlZAMIv1DGz753%2FmcLPSJWU5VVpPamixvWRQFaYQMNW0uxvWnbnvmOe57XNTO%2B%2BolidT8WDoXefKfQ80gUboC17Sn8QYgBeAOrqhIehmiFtPOrgZwLkRsiQLdgiaFvAgawL5fKlI5zQO%2FMT3Zk5YjooVmPA6UzgHknaTYB76Wbiv0YpBmvXjsmGFIgOIn%2BF5nJqHURYks2hLyD9WHkT4ZHDzMEm8fXAhfTFdoKYHcOjMEr7pB%2BHcFnpFPNOKViMWg3A5M859qBttqHubUbZq7FjFIKCsAw9UpKBujCywYhAzCSoEim%2BlGl6zwmWXQAySaHZoCKaA%2BuikFYTYuAfIS9qp4SgGj8By35Z%2FgaTBu4kcK7iCYrppwZlISZ2pmaRZnhhGxMyqQHt2ZbM2TQ9J4Fhyu%2B2XZ1rImnwyJA8YUCdL7kbJI9tAEaWhUJ6A0DptkixKTP4cuK0WINRKOpxJ7j53lkR%2BeOg%2FTZjQpgDkAK8DaQ6lVrF6hDkEKg%2FnkYICbTjdmvpelMaTIjBpIkfR2fBAe4Roy5XgY71yVknq%2B1PHasibtY6o0lR2aPZl8c%2Ftw7vf2s39h6vbxWs%2F9l4sbu5%2BvbreDu8211e3Hxavg68z1Bhy2BBSi23jHyMdKRBAr5YNKqOGzTvz28XN5ur61f0nONt%2FN7fvt3%2FC679d3Ww%2BbD%2FOPvqwudGfvP%2B8vTVf3%2Fx%2B9XBnXt68Onjz%2FvbKforIOwT44H7z%2Bfru82%2F2nz%2Ffm78%2F3W9e3W7%2F%2BPjoC%2F%2Fa3N1cadNfnr5iZ2i%2BpaLGnyUjSpJ6cMYvDAKbXLosKMQe2kWh25jbMA49S%2FWgLkpaEeAZ0wW7sV1SJz2lsR9a4awHZj3yYv%2BEGZwWpiJBtDLgjhMwqRfv%2Bg0pW2SnWlMOKyvyOLwzz2VxnNuGM6vgw7qQfCxWpjoaPugTGgEi6N%2BBh09UBxRfZGTdGnohhKcwLl42HJIPKhjUoqRPZKF4yV4GUe7D6PDSB8jD98HR%2B%2FDofaTfk5dBDGNQGoD94a0zL09809MqBj25JL3OGjOXj7VT%2FfhxFEcH5YTCkrUYc%2FS%2FyT8nQOxHuQGoBogVh%2FGDXbotwtDyl01vSE4cZpA2idbwuO%2BAlg4Z341uqCi3%2BmZFRKllkkEZIH8lKVZOayiVJNl1w7qXClKE9fKUkb2vbrl4BY7KwyaD7lt69XSiDWYgO5PwCSCrbnoi3aff2%2B%2BXTi2WjJHy86e%2FzXOklTR4kYP7Iy9MXiRhDkwfxrNUyoAC8hmoHYRQtP0cbmi8ZsU1Zheq9wLi5lbSWZza7Ba05ZguQApLJ5VlWRLYplwNU0%2BdBgUFBapaglMCpLl7NPC9LD9BJ3qUK1B6ck0qKCkFq1fwCq7X0EqaWZwACZ94WBL4NhtHgT7HMnTfE2yycMeWtpxqQ3NYQFoiOyW658WxdxiYac7lPYAIuQQtRBQogeqIz6bAA9oU%2Bhkr5V6Q5OY%2BRiHiCQWFdg0jxHKt3zL37OGlvhUQ%2BsualcBSYKXY1WyNbWHmo7dhAnZePj8LCF9vygdBLyDpqJkW3fNL4HmG7K3aZp1%2BJPY30tiiBY%2FzJahh8BqQAByO1s6BE1Bju%2Bm1wnc3WempCLkINxs4qLlxwiDeT0a7ZTfA4UDkJB%2BwjeJsTh5a2GnBiAR6PMk8AohDm3nojAlkWkMgU5S8GFscECan7NzkBsbFiUuVV9BkxKmxFTqlf6pyEX%2B3NtLahDVM7o7pxA%2B9OLM7CNQ2JUdCcVv4wGPGYsXHpjSrTu114%2F9pptfT2OE5gb9Y3e1nElnPiWRzfa3u7q%2B2tw%2Bbh6u7W%2FXu%2Burdvze%2FXm%2Fnzw9hlj98vq33xw%2BaDUDHD3t0rR3skaMt%2FLQhOgViqa98MwXmjDZUnkpCP5u6lVWrkHyQbhQG%2BeMaPQjwLiHpZdGMoBlaQU5QEYy%2FdpdpDgcqgZ%2Bhy%2FC8u4e6IVIv3%2B%2BZEGYFHQI7LOvObPnpHWspx%2B5E9qWBrV69OETZCSm8Ym6qD1Mo%2Br207vsVB84ZxmUtSO%2FUGmAa%2BdG0ciP0fPZl4Bp%2FvjMKvad2Rh0qM9zuS7g0NkfIN623jrnm3e3DvA%2FkuS1mUlb8UrFBd9oTAguUoW83LWRYd4WdFLGllUQSrdTmj324ntvnSRo%2BmjT3s6xG%2FQGEEkiyw1XRvm88B%2BrwMkc1B5CsO8qC7wOaVjDf65FDW9sU0bEWRh%2FrR04BEM8Iy6Ep%2FqbGnQ3fODuTxvtK59bPuO7ZafXoICXth%2B%2B0xYLqyVo3WC1lBcw8JsskO5qxj1H8NLML9F7wVufPd1oGWWL3gEeZp38RpX8JQDWnQFav9Q7ODqNOVGiNUfLNW528ynwIumAliCiQvZJ1tdM4A3fa368hT%2BmtqrpkhLfs0CyaE2GcZ0cmVtSeINBDO02Jou13%2F0FgmBSU209J6Kdzrb7f4puJai77ZssR0HyJnbttyq5GckGZFfin5FSIx%2F%2F6P4BdxRk%3D&pcode-active-testids=929673%2C0%2C51&use-server-side-rendering=1&pcode-icookie=MIqOIDbDS4ODkfUnIkVHsOqvIH39bnson4Kc1e6H0BWmggTHJ%2FmE2PN7o3CPVnuyvK23BDhfClCGD20HuEsxYbt%2F2UE%3D&top-ancestor=http%3A%2F%2Fantiflood.russ-forum.ru&top-ancestor-undetermined=0&grab-orig-len=680&grab=eyJncmFiX3ZlcnNpb24iOjJ9CmKrPpEkz_MC6tIo0qpkEauX_SPbov1blE6b54nlm2RKejZt3i7m_RMcuCaxaVt67hOfPdng4OD2ZV07NbeufTVav3L5G5NBtyl0BnNyJtMm2wg2hbFQLFgqlcEi02BBLzjghdngUCDgvilChAFn06iIMHYf4mQf4ogVDWLrRiFJeZq5eg-W-2kWr8vvb-rFQOJi-xQ5WRZXsDU_3YdGS_5qzhMhVNJvikD8hwkdw0RCmUYl-lmTMb-GNNWYnoi6bXtt2p2COIZVDjUTBzDLmWySTPqoW00Y6AOjnX_zSkxb_Krl5D1R6tvPGYSrJBMnRz1yzsj70ZBb90pNzU5XJnyO0ehDii-71znOcNmpE_aGMMBfX2MLW_AxyOpMlVT06pwAV_YuZ4KZGdPVkj6sUS5t-S5a0KP6eGsngvPh_OFetT54vjNlWWNqfG9Qrxd_jjv8X2rUS4J6H3JGk-sgHf3nkoB6dHhv7_aSMDkqxfQApK0k6IitToFUn3MQAuVeReY2EJ_NZQD4CcYRAkTCOMaNzW0w-at_R0BZZG5tc8liQQKeT7Wh4qsrfA2gFJzmkq7lXbMLMekNeJRnDT-1D47AxVh_dYdcrtg0U7HdrKha0WOH0MfbEubGRN04yJtHXNELeRKAVwlJAvo%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

e841ab2230caa48aca0bfb9bb614bcd16d2f26bf8268a51b2259516dc5351470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://antiflood.russ-forum.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Jan 2024 05:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1704777496136103-17361709196241375168-balancer-l7leveler-kubr-yp-vla-74-BAL-8492
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 09 Jan 2024 05:18:16 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://antiflood.russ-forum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 Jan 2024 05:18:16 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.wuqA1h23WFD3_L7LkrR9BTuUISzzWXYMQwRhyE937T1n7kouM4IVUX9EykQU6U_M.gz21gCDjrgByidqgkItX30Y6GMQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10243.KAlWeZvQGi15DaQfpmNTgXXL7BEWMzmwErf6F6EnBLhLpy3DHFUwVH6QC2uNMqa12kctxsN7W5ZvF01axigFlFgN6nG4rQQ9hi8qh2gQiRmcCOk6S3TGcVj9X7ieQKM2gslUJN-02d...

43 B
678 B

156ms
155ms

Image
image/gif

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10243.KAlWeZvQGi15DaQfpmNTgXXL7BEWMzmwErf6F6EnBLhLpy3DHFUwVH6QC2uNMqa12kctxsN7W5ZvF01axigFlFgN6nG4rQQ9hi8qh2gQiRmcCOk6S3TGcVj9X7ieQKM2gslUJN-02de8-CG9gRlQLlFftgT-SAbL0coRjiXR37jT4GzLJX-tyYgSETvLMcxrMUuLLHJqYYFijbgk83po6eNwvVQ2EJAsuo86s1HyFa4%2C.7yOwQrDwnqvqRhW-VcGgiZDCRWc%2C

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10243.KAlWeZvQGi15DaQfpmNTgXXL7BEWMzmwErf6F6EnBLhLpy3DHFUwVH6QC2uNMqa12kctxsN7W5ZvF01axigFlFgN6nG4rQQ9hi8qh2gQiRmcCOk6S3TGcVj9X7ieQKM2gslUJN-02de8-CG9gRlQLlFftgT-SAbL0coRjiXR37jT4GzLJX-tyYgSETvLMcxrMUuLLHJqYYFijbgk83po6eNwvVQ2EJAsuo86s1HyFa4%2C.7yOwQrDwnqvqRhW-VcGgiZDCRWc%2C
date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
524 B 173ms
173ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 09 Jan 2024 06:18:16 GMT

GET
H2 200 22e886ba87bcfc9e2e64.js Show response
yastatic.net/partner-code-bundles/937691/ 9 KB
4 KB 114ms
114ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/937691/22e886ba87bcfc9e2e64.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

ca7902fc01ef265c1cd25c34ff6eb746c44807699004343909e6dcb850318de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://antiflood.russ-forum.ru/
Origin: http://antiflood.russ-forum.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:16 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3560
last-modified: Wed, 27 Dec 2023 15:52:50 GMT
server: nginx/1.17.9
etag: "bda91702534674eccbab454b647bf921"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 08 Jan 2054 11:54:09 GMT

GET
H/1.1 200
OK 3898134.js Show response
cache.betweendigital.com/sections/2/ 8 KB
3 KB 877ms
186ms Script
application/javascript 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://cache.betweendigital.com/sections/2/3898134.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/937691/4c9a181cc3ad10f671b2.js
Protocol: HTTP/1.1
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef8af0c3203e29e767bae4244852665df9c560458f7958962186e93faf3219da

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 May 2020 07:10:01 GMT
Server: nginx
X-CDN-Edge-Id: 313
ETag: W/"5ece1249-2199"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-CDN-Edge-Cache: HIT
Connection: keep-alive
X-CDN-Request-Id: 9dd063987d85d1462bd861b25ef0a1bd

GET
H2 204 event
ads.adfox.ru/260971/ 0
18 B 497ms
183ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?hash=630e261e58030510&pm=cyz&p5=ibsay&rand=eoddbxw&sj=uXT7zzo2NOZ5-Dz02TO8FRUd_x_U1McQ07Tt1AlB1BpDNgaT9eR0GO_Qoj9YmA%3D%3D&ad-session-id=2535201704777495704&lts=fnmoqfg&ytt=401871499952133&ybv=0.937691&ylv=0.937691&dl=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&pr=lkvfnqb&p1=cktdp&rqs=GGvkbKFLSEcY15xlWPxSILXp2OMiEIr8&p2=fsgt&bundle=banner.transfer

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 05:18:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK 3770540.js Show response
cache.betweendigital.com/sections/2/ 8 KB
3 KB 866ms
187ms Script
application/javascript 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://cache.betweendigital.com/sections/2/3770540.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/937691/4c9a181cc3ad10f671b2.js
Protocol: HTTP/1.1
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 822ae81b5238baba6c285fd057a745434eeae568cd1661e5c9bca299926d7175

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Feb 2020 10:48:01 GMT
Server: nginx
X-CDN-Edge-Id: 313
ETag: W/"5e58efe1-2197"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-CDN-Edge-Cache: HIT
Connection: keep-alive
X-CDN-Request-Id: 91e8783daba3ce29980f8b8a4b79ff32

GET
H2 204 event
ads.adfox.ru/260971/ 0
230 B 475ms
172ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/260971/event?hash=797c9fbf3a573667&pm=cyz&p5=hsbvk&rand=hhaulbi&sj=Y5VXvSnQ-qTtwET-8z7uymhyNVn0DTw0s-zUh-cC7tm8LpFCOlXgauT6UdTbYg%3D%3D&ad-session-id=2535201704777495704&lts=fnmoqfg&ytt=401871499952133&ybv=0.937691&ylv=0.937691&dl=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&pr=lkvfnqb&p1=cjcpx&rqs=GNdbmJOmw3QY15xl21oc-OAjnBqi1yDe&p2=fsgt&bundle=banner.transfer

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2024 05:18:16 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/201230/
Redirect Chain

https://mc.yandex.com/watch/201230?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Af...
https://mc.yandex.com/watch/201230/1?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3...

436 B
570 B

157ms
157ms

Fetch
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/201230/1?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1535373484471%3Ahid%3A699382084%3Az%3A-480%3Ai%3A20240108211816%3Aet%3A1704777496%3Ac%3A1%3Arn%3A19464611%3Arqn%3A1%3Au%3A1704777496579099507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1471%2C18%2C354%2C142%2C0%2C0%2C%2C1174%2C8%2C%2C%2C%2C3162%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1704777492581%3Afp%3A2721%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704777497%3At%3ADEHASHED%20-%20DATABASE%20-%20COLLECTION%20-%20%7C%20-%20240%2B%20-%20DATABASES%20-%20%7C%20-%20EMAIL%3APA&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

086d751859f43ba7b4638c14565c82106005a97313a671af2af94121ce8a2626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 09-Jan-2024 05:18:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://antiflood.russ-forum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 436
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 05:18:16 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jan-2024 05:18:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/201230/1?wmode=7&page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1535373484471%3Ahid%3A699382084%3Az%3A-480%3Ai%3A20240108211816%3Aet%3A1704777496%3Ac%3A1%3Arn%3A19464611%3Arqn%3A1%3Au%3A1704777496579099507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1471%2C18%2C354%2C142%2C0%2C0%2C%2C1174%2C8%2C%2C%2C%2C3162%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1704777492581%3Afp%3A2721%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704777497%3At%3ADEHASHED%20-%20DATABASE%20-%20COLLECTION%20-%20%7C%20-%20240%2B%20-%20DATABASES%20-%20%7C%20-%20EMAIL%3APA&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: http://antiflood.russ-forum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 05:18:16 GMT

POST
H2 200 1
mc.yandex.com/watch/201230/ 43 B
77 B 159ms
159ms Ping
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/201230/1?page-url=http%3A%2F%2Fantiflood.russ-forum.ru%2Fviewtopic.php%3Fid%3D242&charset=utf-8&uah=che%0A0&hittoken=1704777496_4eb56c2c062749e836a34c15a593c5a2b2892a80bf218398988dc1e90b37870a&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1535373484471%3Ahid%3A699382084%3Az%3A-480%3Ai%3A20240108211816%3Aet%3A1704777497%3Ac%3A1%3Arn%3A465864901%3Arqn%3A2%3Au%3A1704777496579099507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1704777492581%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704777497&t=gdpr(14%2C14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%222535201704777495704%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jan-2024 05:18:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://antiflood.russ-forum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 05:18:16 GMT

GET
H/1.1 200
OK async_rtb.js Show response
cache.betweendigital.com/code/ 310 KB
100 KB 102ms
102ms Script
application/javascript 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: http://cache.betweendigital.com/code/async_rtb.js
Requested by: Host: cache.betweendigital.com
URL: http://cache.betweendigital.com/sections/2/3898134.js
Protocol: HTTP/1.1
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b133bcfc1e8759b14ef4e3793fa705eb8db5877ef0fb4050f7da9ac346e9f505

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 May 2023 11:39:11 GMT
Server: nginx
X-CDN-Edge-Id: 313
ETag: W/"647731df-4d9c1"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=7200, immutable
X-CDN-Edge-Cache: HIT
Connection: keep-alive
X-CDN-Request-Id: 792a4fcd3630c41ab76df7ef9fa9dca0

GET
H/1.1 200
OK 1x1.gif
cache.betweendigital.com/code/ 43 B
367 B 103ms
103ms Image
image/gif 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cache.betweendigital.com/code/1x1.gif
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
Last-Modified: Tue, 08 Oct 2019 15:27:01 GMT
Server: nginx
X-CDN-Edge-Id: 313
ETag: "5d9caac5-2b"
Content-Type: image/gif
X-CDN-Edge-Cache: HIT
Connection: keep-alive
Accept-Ranges: bytes
X-CDN-Request-Id: 00b3f7318703eba88a07cb4fb37a231d
Content-Length: 43

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

26ms
25ms

Script
application/javascript

104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: H2
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b0801eed8e491f9a06463e84e9bbbbd6b06be5f32035f7b6b9e669c7669e7b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 06:49:45 GMT
server: cloudflare
age: 2113
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 842a37ff2ee9a204-YYZ
content-length: 1606
expires: Tue, 09 Jan 2024 07:18:17 GMT

Redirect headers

location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3898134&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
date: Tue, 09 Jan 2024 05:18:17 GMT
cache-control: max-age=3600
server: cloudflare
cf-ray: 842a37ff0ebfa204-YYZ
vary: Accept-Encoding
expires: Tue, 09 Jan 2024 06:18:17 GMT

GET
H2

200

adi Show response
ads.betweendigital.com/ Frame 8725
Redirect Chain

https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU=&tagType=adi&w=970&h=250&s=3898134&jst=ai
https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts...

2 KB
1 KB

353ms
352ms

Document
text/html

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Requested by: Host: cache.betweendigital.com
URL: http://cache.betweendigital.com/code/async_rtb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 783bd8543e6de72c93538e62f5dc0f1986a7b26ba176b0bbe1c495ceae863a4c

Request headers

Referer: http://antiflood.russ-forum.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: /adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723

GET
H2

200

58917674
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain

http://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674

43 B
297 B

146ms
146ms

Image
image/gif

194.226.130.226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: H2
Server: 194.226.130.226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.4.3/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:18 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.4.3/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/58917674
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

fltiukqt.js Show response
pixel.yabidos.com/
Redirect Chain

https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

3 KB
2 KB

26ms
26ms

Script
application/javascript

104.19.232.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: H2
Server: 104.19.232.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b0801eed8e491f9a06463e84e9bbbbd6b06be5f32035f7b6b9e669c7669e7b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2023 06:49:45 GMT
server: cloudflare
age: 2113
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 842a37ff2eeca204-YYZ
content-length: 1606
expires: Tue, 09 Jan 2024 07:18:17 GMT

Redirect headers

location: https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=http://antiflood.russ-forum.ru&x=&nci=&adtg=3770540&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
date: Tue, 09 Jan 2024 05:18:17 GMT
cache-control: max-age=3600
server: cloudflare
cf-ray: 842a37ff0ec0a204-YYZ
vary: Accept-Encoding
expires: Tue, 09 Jan 2024 06:18:17 GMT

GET
H2

200

30861240
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain

http://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240

43 B
297 B

146ms
146ms

Image
image/gif

194.226.130.226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: H2
Server: 194.226.130.226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.4.3/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:18 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.4.3/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/30861240
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impimg.gif
pre.glotgrx.com/ 26 B
401 B 51ms
31ms Image
image/gif 104.17.107.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/impimg.gif?cb=1704777497487&qid=53532313f523632313f5436393&cid=964&s=http://antiflood.russ-forum.ru&p=BX&x=&adtg=3898134&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.129%20Safari/537.36&ai=&flsrc=1
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 104.17.107.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 26 Nov 2023 06:49:37 GMT
Server: cloudflare
Age: 390
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 842a37ff7c03a23b-YYZ
Content-Length: 26
Expires: Tue, 09 Jan 2024 07:18:17 GMT

GET
H/1.1 200
OK impimg.gif
pre.glotgrx.com/ 26 B
401 B 46ms
26ms Image
image/gif 104.17.107.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pre.glotgrx.com/impimg.gif?cb=1704777497487&qid=53532313f523632313f5436393&cid=964&s=http://antiflood.russ-forum.ru&p=BX&x=&adtg=3770540&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.129%20Safari/537.36&ai=&flsrc=1
Requested by: Host: antiflood.russ-forum.ru
URL: http://antiflood.russ-forum.ru/viewtopic.php?id=242
Protocol: HTTP/1.1
Server: 104.17.107.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://antiflood.russ-forum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:17 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 26 Nov 2023 06:49:37 GMT
Server: cloudflare
Age: 390
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 842a37ff792ca250-YYZ
Content-Length: 26
Expires: Tue, 09 Jan 2024 07:18:17 GMT

GET
H2 200 sspmatch-js Show response
lbs-eu1.ads.betweendigital.com/ Frame 8725 1006 B
1 KB 118ms
115ms Script
text/javascript 188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs-eu1.ads.betweendigital.com/sspmatch-js?randsalt=78455&p=41985&gdpr=0&consent=&country=CA
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 908ee449cc6b58655504c56ec41c02a54621c585b8b90079e854c8ce36ca5d7e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1006
content-type: text/javascript

GET
H2 200 pmListener.js Show response
cache.betweendigital.com/ Frame 8725 3 KB
1 KB 305ms
101ms Script
application/javascript 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/pmListener.js
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7aa631033bbe188024b7562121e4bfa2fc17d00b5a982aec980c521b242d498e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:18 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 14:20:14 GMT
server: nginx
x-cdn-edge-id: 313
etag: W/"601ab11e-caf"
content-type: application/javascript
x-cdn-edge-cache: HIT
x-cdn-request-id: 15d429798fe8b8e03df3cad52545da76

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 10EB 49 KB
19 KB 179ms
52ms Document
text/html 37.19.206.5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by: Host: lbs-eu1.ads.betweendigital.com
URL: https://lbs-eu1.ads.betweendigital.com/sspmatch-js?randsalt=78455&p=41985&gdpr=0&consent=&country=CA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.206.5 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 476000398.ash.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 09 Jan 2024 05:18:18 GMT
etag: W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified: Tue, 12 Dec 2023 09:09:26 GMT
server: CDN77-Turbo
vary: Accept-Encoding Accept-Encoding
x-77-age: 499576
x-77-cache: HIT
x-77-nzt: AyUTzgQ3Nzf/YxsGAJySO983NzfvFYQBAG09WgJRWLkA
x-77-nzt-ray: 8e305f1c7fe422a61ad79c65fad40f16
x-77-pop: ashburnUSVA
x-accel-date: 1704377271
x-accel-expires: @1705068473
x-age-lb: 400227
x-amz-request-id: tx0000024ec5f3ea1112cbc-006586e9b5-2bc58ec-prg
x-amz-storage-class: STANDARD
x-cache-lb: HIT
x-rgw-object-type: Normal

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame A09B 4 KB
1 KB 182ms
100ms Document
text/html 151.236.127.209
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0682144f-8469-5209-a7b1-9277c22d456e&CACHEBUSTER=263589
Requested by: Host: lbs-eu1.ads.betweendigital.com
URL: https://lbs-eu1.ads.betweendigital.com/sspmatch-js?randsalt=78455&p=41985&gdpr=0&consent=&country=CA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.127.209 , Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 09 Jan 2024 05:18:18 GMT
etag: W/"638623e5-e7e"
last-modified: Tue, 29 Nov 2022 15:23:17 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 313
x-cdn-request-id: 3757e4d4a6147967467f04b0e9ae280f

GET
H2

200

match
ads.betweendigital.com/ Frame 8725
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2f6de1c0-2108-4eee-bf99-c5ab28b5aed5&user_group=1&ssp=between&bsw_param=649b7b2d-b28a-4919-a971-895c0e65d01d
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d

68 B
598 B

116ms
115ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d
Date: Tue, 09 Jan 2024 05:18:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 8725
Redirect Chain

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1yNi45VERSRTJ1Rlk2anVWT2FDcTNKMklkb0VIVmxTZXNEQ2JHY28tfkE%3D&gdpr=0

68 B
598 B

115ms
115ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1yNi45VERSRTJ1Rlk2anVWT2FDcTNKMklkb0VIVmxTZXNEQ2JHY28tfkE%3D&gdpr=0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1yNi45VERSRTJ1Rlk2anVWT2FDcTNKMklkb0VIVmxTZXNEQ2JHY28tfkE%3D&gdpr=0
date: Tue, 09 Jan 2024 05:18:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

match
ads.betweendigital.com/ Frame 8725
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=H9fehLZHCjY2WneqQc-Nl6II

68 B
598 B

116ms
116ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=H9fehLZHCjY2WneqQc-Nl6II
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 09 Jan 2024 05:18:18 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=H9fehLZHCjY2WneqQc-Nl6II
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame A09B
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=649b7b2d-b28a-4919-a971-895c0e65d01d
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2f6de1c0-2108-4eee-bf99-c5ab28b5aed5&user_group=1&ssp=between&bsw_param=649b7b2d-b28a-4919-a971-895c0e65d01d
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d

68 B
598 B

115ms
115ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=649b7b2d-b28a-4919-a971-895c0e65d01d
Date: Tue, 09 Jan 2024 05:18:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame 10EB 1 KB
1 KB 121ms
35ms XHR
application/json 37.19.206.5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.206.5 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 476000398.ash.cdn77.com
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop: ashburnUSVA
date: Tue, 09 Jan 2024 05:18:18 GMT
content-encoding: gzip
x-age-lb: 248349
x-amz-request-id: tx00000728de53bb953b517-0065990cfd-2bc55ff-prg
x-77-cache: HIT
x-amz-storage-class: STANDARD
x-accel-date: 1704529149
x-77-nzt: AyUTzgQ3Nzf/HcoDALk73xQ3NzexWbu8qQE28wA
x-accel-expires: @1705565949
x-77-age: 248349
x-cache-lb: HIT
last-modified: Tue, 26 Dec 2023 20:45:55 GMT
server: CDN77-Turbo
x-amz-meta-s3cmd-attrs: atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag: W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray: 8e305f1cade514aa1ad79c65b6d38722
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
x-rgw-object-type: Normal

GET
H2

200

cm-notify Show response
creativecdn.com/ Frame CDA9
Redirect Chain

https://creativecdn.com/cm-notify?pi=vidoomy
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1

42 B
243 B

110ms
110ms

Document
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
content-type: image/gif
date: Tue, 09 Jan 2024 05:18:18 GMT Tue, 09 Jan 2024 05:18:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

Redirect headers

content-length: 0
date: Tue, 09 Jan 2024 05:18:18 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 10EB 0
187 B 105ms
34ms Image
text/plain 207.198.113.88
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D975da903b43854d2b5d0067bdde59d6e%26dspid%3DCEN
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.198.113.88 Herndon, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 09 Jan 2024 05:18:18 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 10EB 43 B
106 B 355ms
111ms Image
image/gif 37.157.6.254
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D975da903b43854d2b5d0067bdde59d6e%26dspid%3Dadf
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/adi?frl=0&pos=atf&tz=480&fl=0&ord=4206635289426703.5&rr=direct&foc=1&r_seq=0&tld=YW50aWZsb29kLnJ1c3MtZm9ydW0ucnU%3D&tagType=adi&w=970&h=250&s=3898134&jst=ai&crf=1&rts=7608494647639939723
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:18 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

8055b842-aeae-11ee-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame A09B
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARibrvOsBqIBEIBVuEKurhHuhuAAJZDAZHw*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8055b842-aeae-11ee-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=8055b842-aeae-11ee-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cS42KcNMHQViTnyi4jliOw&
https://an.yandex.ru/mapuid/adsniperis/8055b842-aeae-11ee-86e0-002590c0647c

43 B
572 B

470ms
159ms

Image
image/gif

93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/8055b842-aeae-11ee-86e0-002590c0647c

Protocol

Server

93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Jan 2024 05:18:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Jan 2024 05:18:20 GMT

Redirect headers

Date: Tue, 09 Jan 2024 05:18:20 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://an.yandex.ru/mapuid/adsniperis/8055b842-aeae-11ee-86e0-002590c0647c
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 match Show response
ads.betweendigital.com/ Frame 10EB 68 B
598 B 115ms
115ms Document
image/png 188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=975da903b43854d2b5d0067bdde59d6e
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 183A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

106ms
33ms

Document
text/html

23.39.177.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0682144f-8469-5209-a7b1-9277c22d456e&CACHEBUSTER=263589
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-177-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 05:18:21 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 09 Jan 2024 05:18:20 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 183A 40 KB
11 KB 74ms
73ms Script
text/html 23.39.177.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.177.103 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-177-103.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0c96d3043ad3c0e92773c68c350a9826febabe0941be45ee2646a324f58962f7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2024 21:37:36 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58756
Connection: keep-alive
Content-Length: 10965
Expires: Tue, 09 Jan 2024 21:37:37 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 183A 7 B
776 B 151ms
37ms XHR
application/json 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
Expires: 0

GET
H2 200 263589
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame A09B 43 B
415 B 147ms
146ms Image
image/gif 194.226.130.226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/263589

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

194.226.130.226 , Russian Federation, ASN52016 (ADFACT, RU),

Reverse DNS

Software

ms-counter-4.4.3/1.22.1 /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=2678400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=2678400
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.4.3/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

204

1
sync-eu.connectad.io/pixel/ Frame A09B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=0682144f-8469-5209-a7b1-9277c22d456e&expires=60
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=649b7b2d-b28a-4919-a971-895c0e65d01d

0
152 B

165ms
122ms

Image
text/html

104.22.55.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=649b7b2d-b28a-4919-a971-895c0e65d01d
Protocol: H2
Server: 104.22.55.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 842a3817de46a244-YYZ
alt-svc: h3=":443"; ma=86400
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8

Redirect headers

Location: //sync-eu.connectad.io/pixel/1?dataid=data3&uuid=649b7b2d-b28a-4919-a971-895c0e65d01d
Date: Tue, 09 Jan 2024 05:18:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 183A
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=LR5WIANK-1A-GRY6
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LR5WIANK-1A-GRY6

68 B
598 B

116ms
115ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LR5WIANK-1A-GRY6
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LR5WIANK-1A-GRY6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d5c7d31e505103f093db6d1ed70deaa2
Expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR5WIANK-1A-GRY6

0
513 B

134ms
62ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR5WIANK-1A-GRY6
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D518B1B6A3094342B52674A1CE38D2D8 Ref B: YTO01EDGE0806 Ref C: 2024-01-09T05:18:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOfHFmoaQTMCtNSGeD4A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LR5WIANK-1A-GRY6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 183A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHu82DaCiEggfAhYNhv_-vo&google_cver=1

42 B
841 B

61ms
35ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHu82DaCiEggfAhYNhv_-vo&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHu82DaCiEggfAhYNhv_-vo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 183A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IU332J0QSXqQSw5AZICSaQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IU332J0QSXqQSw5AZICSaQ

43 B
479 B

48ms
47ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IU332J0QSXqQSw5AZICSaQ

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8AVSYVJ676DQYPPWTE3M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=IU332J0QSXqQSw5AZICSaQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 183A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LR5WIANK-1A-GRY6&ex=d-rubiconproject.com&status=ok

43 B
720 B

104ms
51ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LR5WIANK-1A-GRY6&ex=d-rubiconproject.com&status=ok

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DM01MNBV715YZZMRZ3YX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LR5WIANK-1A-GRY6&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFI1V0lBTkstMUEtR1JZNg==
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm=&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_tc=
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGl3PzhXdmImi4C_8AAEgqY&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_push=

170 B
188 B

46ms
46ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_push=

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI1V0lBTkstMUEtR1JZNg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg&google_tc=

170 B
243 B

47ms
46ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg&google_tc=

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjQyZmE3MmI0MTBkMjgxNjBjMzk3MDc4MDE2M2YwM2Y1Y2E3NWFiZg&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 183A
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=&expires=30

42 B
841 B

36ms
35ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=&expires=30
date: Tue, 09 Jan 2024 05:18:21 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 183A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6Be27U_HRsCMlqV7X-JP0w&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6Be27U_HRsCMlqV7X-JP0w

43 B
479 B

114ms
114ms

Image
image/gif

52.95.126.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6Be27U_HRsCMlqV7X-JP0w

Protocol

HTTP/1.1

Server

52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: PQG94ZN77MT1QCGDVP76
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6Be27U_HRsCMlqV7X-JP0w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/20-zouFuwEz45HVorlQPXsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.2qOpdFE2oJvL3vJ2ozj28anQpGGSwqu1WtA7Q--~A

42 B
841 B

59ms
37ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.2qOpdFE2oJvL3vJ2ozj28anQpGGSwqu1WtA7Q--~A
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.2qOpdFE2oJvL3vJ2ozj28anQpGGSwqu1WtA7Q--~A
content-length: 0

GET
H/1.1 200
OK rp
match.prod.bidr.io/cookie-sync/ Frame 183A 43 B
433 B 157ms
36ms Image
image/gif 54.160.195.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.195.52 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-195-52.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 183A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LR5WIANK-1A-GRY6

43 B
664 B

106ms
35ms

Image
image/gif

63.251.86.51
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LR5WIANK-1A-GRY6
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LR5WIANK-1A-GRY6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 183A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=183ab630-a268-41e1-be2a-627e1994fc0f&expires=30

42 B
841 B

37ms
37ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=183ab630-a268-41e1-be2a-627e1994fc0f&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=183ab630-a268-41e1-be2a-627e1994fc0f&expires=30
Date: Tue, 09 Jan 2024 05:18:21 GMT
Connection: keep-alive
X-CI-RTID: bb61b5e3-c093-482f-b331-7cec3a41cd0f
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync
hb.yahoo.net/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LR5WIANK-1A-GRY6&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LR5WIANK-1A-GRY6&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JUnJEYi5oRTJ1SGFhMF85LmREbE8xZVBFT1VHOHc5MH5B&ovsid=LR5WIANK-1A-GRY6&dpid=58160

57 B
649 B

227ms
102ms

Image
image/gif

23.40.99.89

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JUnJEYi5oRTJ1SGFhMF85LmREbE8xZVBFT1VHOHc5MH5B&ovsid=LR5WIANK-1A-GRY6&dpid=58160

Protocol

Server

23.40.99.89 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 09 Jan 2024 05:18:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Tue, 09 Jan 2024 05:18:21 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JUnJEYi5oRTJ1SGFhMF85LmREbE8xZVBFT1VHOHc5MH5B&ovsid=LR5WIANK-1A-GRY6&dpid=58160
date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 183A
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6

95 B
427 B

55ms
55ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LR5WIANK-1A-GRY6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 183A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR5WIANK-1A-GRY6

43 B
944 B

36ms
35ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR5WIANK-1A-GRY6

Protocol

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
an-x-request-uuid: 95018cd9-8b2d-4b26-b838-8e6d46a0eef3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.118; 86.48.14.118; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LR5WIANK-1A-GRY6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 183A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR5WIANK-1A-GRY6

68 B
280 B

120ms
36ms

Image
image/png

52.5.56.40

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR5WIANK-1A-GRY6
Protocol: H2
Server: 52.5.56.40 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LR5WIANK-1A-GRY6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c57992b917a1c5de787b922c662fdf18
Expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 10F8 4 KB
2 KB 112ms
36ms Document
text/html 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0682144f-8469-5209-a7b1-9277c22d456e&CACHEBUSTER=263589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

973c9216df1149717392cd44e5cbb02950f5f3a47095187ffa9d69ec03bef002

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1556
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=58b4659c-d71e-4b00-b1fd-06e07265292d&gdpr=1&gdpr_consent=

0
340 B

36ms
35ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=58b4659c-d71e-4b00-b1fd-06e07265292d&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Tue, 09 Jan 2024 05:18:21 GMT
Server: MT3 1237 600843f master iad iad-pixel-x23 config_version:"1604"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=58b4659c-d71e-4b00-b1fd-06e07265292d&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Jan 2024 05:18:20 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 10F8 0
239 B 195ms
105ms Image
image/gif 213.19.162.90
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d5c7d31e505103f093db6d1ed70deaa2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3354521958728782115

0
340 B

36ms
36ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3354521958728782115

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
an-x-request-uuid: 40842ca2-f95e-4838-b835-ea99149f18bf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=3354521958728782115
x-proxy-origin: 86.48.14.118; 86.48.14.118; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=183477df2d9bbdf41717537b917479e4&gdpr_consent=&gdpr=1

0
340 B

36ms
36ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=183477df2d9bbdf41717537b917479e4&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=183477df2d9bbdf41717537b917479e4&gdpr_consent=&gdpr=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1704777501887081-322

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 10F8 42 B
841 B 54ms
37ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%2...
https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d2114be-4c4b-49f5-8a66-c0c677c68e6b

0
340 B

36ms
35ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d2114be-4c4b-49f5-8a66-c0c677c68e6b

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
Server: nginx
Location: https://onetag-sys.com/match/?int_id=164&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=2d2114be-4c4b-49f5-8a66-c0c677c68e6b
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub10101531197440
https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU34758a10829c40368f5ca774d1c2a110

0
340 B

36ms
36ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU34758a10829c40368f5ca774d1c2a110

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://onetag-sys.com/match/?gdpr=&gdpr_consent=%24%7BGDPR_STRING%7D&int_id=168&uid=OPU34758a10829c40368f5ca774d1c2a110
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 155
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10F8
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjOyoS_xYGFD-ofKVbeogIRiFrWWPrLVp6Q

170 B
188 B

49ms
49ms

Image
image/png

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjOyoS_xYGFD-ofKVbeogIRiFrWWPrLVp6Q

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjOyoS_xYGFD-ofKVbeogIRiFrWWPrLVp6Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame 10F8 0
45 B 131ms
35ms Image
text/plain 23.105.14.100
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.14.100 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS: 23.105.14.100.rdns.racklot.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 10F8
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw

43 B
479 B

50ms
47ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 05:18:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6K3QH2GMS3JK8P3FY3N6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 10F8 0
42 B 115ms
34ms Image
text/plain 8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJYO0Y97u1vdqHHytobDArk&google_cver=1

0
340 B

37ms
37ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJYO0Y97u1vdqHHytobDArk&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJYO0Y97u1vdqHHytobDArk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 10F8 0
38 B 43ms
37ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 05:18:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 10F8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=

0
340 B

36ms
35ms

Image
text/plain

51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace

Protocol

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=29&uid=a0a5fdc1-850c-4743-a43f-01ae71f374f0&gdpr=0&gdpr_consent=
date: Tue, 09 Jan 2024 05:18:21 GMT
server: Kestrel
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 10F8 43 B
235 B 46ms
44ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 match
ads.betweendigital.com/ Frame 10F8 68 B
598 B 119ms
115ms Image
image/png 188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=129&external_user_id=czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

GET
H2

200

0682144f-8469-5209-a7b1-9277c22d456e
an.yandex.ru/mapuid/betweendigitalis/ Frame A09B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F0682144f-8469-5209-a7b1-9277c22d456e
https://an.yandex.ru/mapuid/betweendigitalis/0682144f-8469-5209-a7b1-9277c22d456e

43 B
152 B

159ms
158ms

Image
image/gif

93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/0682144f-8469-5209-a7b1-9277c22d456e

Protocol

Server

93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Jan 2024 05:18:22 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 09 Jan 2024 05:18:22 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/0682144f-8469-5209-a7b1-9277c22d456e
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame A09B 35 B
466 B 106ms
106ms Image
image/gif 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=0682144f-8469-5209-a7b1-9277c22d456e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 05:18:22 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ Frame A09B 0
638 B 601ms
200ms Image
text/plain 103.243.202.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_pid=1641267272&cm_puid=0682144f-8469-5209-a7b1-9277c22d456e&toast_push
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 05:18:22 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET 3b3bd4177dc9cc764d515f98ec9e416d.gif
cookies.andbeyond.media/ Frame A09B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cookies.andbeyond.media
URL: https://cookies.andbeyond.media/3b3bd4177dc9cc764d515f98ec9e416d.gif?puid=0682144f-8469-5209-a7b1-9277c22d456e

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
antiflood.russ-forum.ru/	1970-01-21 03:08:57	Name: uid Value: W8ICVGWc1yMvdWXpBO+NAgA=
.russ-forum.ru/	1970-01-21 02:18:33	Name: _ym_uid Value: 1704777496579099507
.russ-forum.ru/	1970-01-21 02:18:33	Name: _ym_d Value: 1704777496
.mc.yandex.com/	1970-01-20 17:32:58	Name: sync_cookie_csrf Value: 951536949fake
.russ-forum.ru/	1970-01-20 17:34:09	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-21 03:08:57	Name: i Value: c0sNUyPWblFM1ixz+FL208BzBZF4DbhvW3QEqWJgPDwdCYfcWQB0GF6ZGNJvi6VKhSk+pKbqqxshh95ER2RGco2QehE=
.yandex.ru/	1970-01-21 03:08:57	Name: yandexuid Value: 8413751681704777496
.yandex.ru/	1970-01-21 02:18:33	Name: yashr Value: 3272061161704777496
.mc.yandex.ru/	1970-01-20 17:32:58	Name: sync_cookie_csrf Value: 2562265914fake
.yandex.com/	1970-01-21 03:08:57	Name: yandexuid Value: 8296483391704777495
.yandex.com/	1970-01-21 03:08:57	Name: yuidss Value: 8296483391704777495
.yandex.com/	1970-01-21 03:08:57	Name: i Value: YueC140fSlPG81SRiAFVD3KlJ1qg2AdVYQUOXAzvIzMC5HOTTiYUFuw3pbrLU1TN8L+F+EOoCG1s37+X3wrXYxU2q0o=
.yandex.com/	1970-01-21 03:08:57	Name: yp Value: 1704863896.yu.7657474381704777496
.mc.yandex.com/	1970-01-20 17:34:23	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2264371751704777496
.yandex.com/	1970-01-21 02:18:33	Name: ymex Value: 1707369496.oyu.7657474381704777496#2020137496.yrts.1704777496
.betweendigital.com/	1970-01-21 02:18:33	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 02:18:33	Name: tuuid Value: 0682144f-8469-5209-a7b1-9277c22d456e
.betweendigital.com/	1970-01-21 02:18:33	Name: ss Value: 1
.tns-counter.ru/	1970-01-21 02:18:33	Name: guid Value: 32D5700E659CD71AX1704777498
.lijit.com/	1970-01-21 02:18:33	Name: ljt_reader Value: H9fehLZHCjY2WneqQc-Nl6II
.yahoo.com/	1970-01-21 02:18:55	Name: A3 Value: d=AQABBBrXnGUCENOG-PpBQDn4r0nWIbPEjEsFEgEBAQEonmWmZSXaxyMA_eMAAA&S=AQAAAiX6J3OWI0AZm5IXUv988tw
.bidswitch.net/	1970-01-21 02:18:33	Name: tuuid Value: 649b7b2d-b28a-4919-a971-895c0e65d01d
.bidswitch.net/	1970-01-21 02:18:33	Name: c Value: 1704777498
.bidswitch.net/	1970-01-21 02:18:33	Name: tuuid_lu Value: 1704777498
pool.admedo.com/	1970-01-21 02:18:33	Name: c Value: 1704777498
pool.admedo.com/	1970-01-21 02:18:33	Name: tuuid_lu Value: 1704777498
pool.admedo.com/	1970-01-21 02:18:33	Name: tuuid Value: 2f6de1c0-2108-4eee-bf99-c5ab28b5aed5
.creativecdn.com/	1970-01-21 02:18:33	Name: u Value: mcZ7KXuzHykFSNKw3vXg
.creativecdn.com/	1970-01-21 02:18:33	Name: g Value: mcZ7KXuzHykFSNKw3vXg_1704777498877
.creativecdn.com/	1970-01-21 02:18:33	Name: ts Value: 1704777498
.bumlam.com/	1970-01-21 03:08:57	Name: suuid3 Value: IiQ4MDU1Yjg0Mi1hZWFlLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/	1970-01-21 03:08:57	Name: __upin Value: cS42KcNMHQViTnyi4jliOw
.aidata.io/	1970-01-21 03:08:57	Name: __upints Value: 1704777500
.yandex.ru/	1970-01-21 03:08:57	Name: yuidss Value: 8413751681704777496
.rubiconproject.com/	1970-01-21 02:18:33	Name: khaos Value: LR5WIANK-1A-GRY6
.adsrvr.org/	1970-01-21 02:19:59	Name: TDID Value: a0a5fdc1-850c-4743-a43f-01ae71f374f0
pixel.rubiconproject.com/	1970-01-20 19:42:33	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:08:57	Name: IDE Value: AHWqTUn57k-e2a2WV8fJk0BhcNv__3ucI7eXQZDXxI7sisYSQlEkjHz9s00q_-2KzyA
.linkedin.com/	1970-01-21 02:18:33	Name: bcookie Value: "v=2&d8d30649-dcb1-47f1-88ff-46aea3302f71"
.linkedin.com/	1970-01-20 17:34:23	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2818:u=1:x=1:i=1704777501:t=1704863901:v=2:sig=AQHdMLa8a9_sQ-atCs0mWKMr5hG2Y1K6"
.amazon-adsystem.com/	1970-01-21 03:08:57	Name: ad-privacy Value: 0
.onetag-sys.com/	1970-01-21 03:02:44	Name: OTP Value: czqeLqbL7m6fcm4TTKlh0ZtWdQyNxOafXlmeEU3fZcw
.adsrvr.org/	1970-01-21 02:19:59	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPalneCNt8g8EAUYASABKAIyCwjQ_ryOpLfIPBAFOAFaB3Z3Nml5cm5gAg..
pixel-eu.rubiconproject.com/	1970-01-20 19:42:33	Name: receive-cookie-deprecation Value: 1
.amazon-adsystem.com/	1970-01-20 23:55:59	Name: ad-id Value: A8neYILTnELmv4g4JZ4kfFg\|t
.mathtag.com/	1970-01-21 02:58:52	Name: uuid Value: 58b4659c-d71e-4b00-b1fd-06e07265292d
.analytics.yahoo.com/	1970-01-21 02:18:33	Name: IDSYNC Value: "199l~2g2t:18vk~2g2t:19e0~2g2t"
.ipredictive.com/	1970-01-21 02:18:33	Name: cu Value: 183ab630-a268-41e1-be2a-627e1994fc0f\|1704777501756
.tapad.com/	1970-01-20 18:59:21	Name: TapAd_TS Value: 1704777501761
.tapad.com/	1970-01-20 18:59:21	Name: TapAd_DID Value: 558326a6-6f40-4aae-921f-f0699a3bacdc
.adnxs.com/	1970-01-20 19:42:33	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2GVRhIo!(!]tbP6j2F-.aDabByFnKcfM5`lxf_xBQ'8!k3T4=SV?#h^Q2^qF1`*b_Vh(e@[m
.adnxs.com/	1970-01-20 19:42:33	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSNVdJQU5LLTFBLUdSWTYiLCJleHBpcmVzIjoiMjAyNC0wNC0wOFQwNToxODoyMVoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0wOVQwNToxODoyMVoifQ==
.rubiconproject.com/	1970-01-21 02:18:33	Name: audit Value: 1\|NbMuj0QNEFMof65fxJjz3QmKTQj6EflRp6cdpIdAkoHWwnqaNf+hUWT7pWZgAfzeqS0oEL4MMIjqFTrNE4+z9qDrxqInxg513OlDu/ORdD8=
.lijit.com/	1970-01-21 02:18:33	Name: _ljtrtb_80 Value: LR5WIANK-1A-GRY6
.admanmedia.com/	1970-01-20 17:53:06	Name: admtr Value: 2d2114be-4c4b-49f5-8a66-c0c677c68e6b
.admanmedia.com/	1970-01-20 17:53:06	Name: ac_r Value: CS253
.tapad.com/	1970-01-20 18:59:21	Name: TapAd_3WAY_SYNCS Value:
.betweendigital.com/	1970-01-21 02:18:33	Name: ut Value: ZZzXHQAMQLhD7CjbpB_ZjzNO5_JxnAxu_PH9VQ==
.adnxs.com/	1970-01-21 03:08:57	Name: XANDR_PANID Value: _gzqmBCP_MWzeT3Rv4Z6pf1Mj0-UnYe_YFKjytTyXJ-BbKyWQv4D69h9EzlWV0Khr9B8I7OqLhC67htjrVwFE4rv6Vnfl13MdaQpV_imc0Y.
.adnxs.com/	1970-01-20 19:42:33	Name: uuid2 Value: 3354521958728782115
.sharethrough.com/	1970-01-20 18:16:09	Name: stx_user_id Value: 4ca4cad6-7f32-4d66-a3dd-85a0cfd33c37

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.adfox.ru
ads.betweendigital.com
ads.stickyadstv.com
an.yandex.ru
antiflood.russ-forum.ru
ap.lijit.com
bs.webtalk.ru
cache.betweendigital.com
ce.lijit.com
cm-exchange.toast.com
cm.adform.net
cm.g.doubleclick.net
cookies.andbeyond.media
creativecdn.com
cs.admanmedia.com
eus.rubiconproject.com
forumstatic.ru
hb.yahoo.net
ib.adnxs.com
image8.pubmatic.com
lbs-eu1.ads.betweendigital.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
onetag-sys.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.yabidos.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
px.ads.linkedin.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
ssbsync-global.smartadserver.com
sync-eu.connectad.io
sync.bumlam.com
sync.ipredictive.com
sync.mathtag.com
t.adx.opera.com
token.rubiconproject.com
ups.analytics.yahoo.com
vid.vidoomy.com
vpaid.vidoomy.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
cookies.andbeyond.media
103.243.202.190
104.17.107.212
104.19.232.122
104.22.55.206
13.107.42.14
142.251.16.156
151.236.127.209
178.154.131.217
185.184.8.90
188.42.189.231
194.226.130.226
194.226.130.229
207.198.113.88
213.19.162.90
23.105.14.100
23.205.2.235
23.39.177.103
23.40.99.89
31.172.81.172
34.111.113.62
34.200.65.202
35.210.53.219
35.211.178.172
35.71.131.137
37.157.6.254
37.19.206.5
5.255.255.77
51.222.239.230
52.45.219.8
52.46.128.147
52.5.56.40
52.95.126.160
54.160.195.52
54.85.196.91
63.251.28.134
63.251.86.49
63.251.86.51
68.67.160.26
74.121.140.211
77.88.21.179
8.28.7.82
8.43.72.97
8.43.72.98
80.77.87.163
82.145.213.8
89.108.120.76
91.194.2.83
91.194.2.84
93.158.134.119
93.158.134.90
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
086d751859f43ba7b4638c14565c82106005a97313a671af2af94121ce8a2626
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c96d3043ad3c0e92773c68c350a9826febabe0941be45ee2646a324f58962f7
1d490f8ba764274bfd0c05c9f08a47fad09e3acdc610277ae758b2110c2fc487
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37f1e1ddc606edbc65252667c8328137f6368e4cf3cbd3ceadf6c363497f0fe5
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cb3d7f4d14828076ddb8aead0f74ac08466fc96ec55a4b723553fc4be96a30b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61f5c45b0da75728f320d18fc22c407a8f88e78efb78c66401327722c184ca1e
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
783bd8543e6de72c93538e62f5dc0f1986a7b26ba176b0bbe1c495ceae863a4c
7987077043972a4a43260142146bc486fda7dfbf5d16732235d1e5ad8806adda
7aa631033bbe188024b7562121e4bfa2fc17d00b5a982aec980c521b242d498e
81949b2be13a2a0228493826591ce556af4a0bf7d3bcc9d64c7847689e56cbad
822ae81b5238baba6c285fd057a745434eeae568cd1661e5c9bca299926d7175
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865e11124af5c3ef37d096e3e7bcd203b405cfe8ccb50a96e853c632f35f073c
908ee449cc6b58655504c56ec41c02a54621c585b8b90079e854c8ce36ca5d7e
973c9216df1149717392cd44e5cbb02950f5f3a47095187ffa9d69ec03bef002
98272bb3373b63c2d7d6ed02ae5de67a3c0daedc00cd179c1758760893c3a12a
9aff1e9197e4b9d23668b36be6c8e6d2bc239190eeb664fc1d9d18a50f492b94
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a21299cb36e0593cad6d873ad7b37fdf17f94eb26e7a8117b5967e82e10e9fb9
a642b215b08c4d38539b6e89fc073a0b37c073b0e93e945f7d572e837ba8091f
a68819ed3c9b8f3bfa4c44559004d209514a994e8809d741edf07b5102f7a779
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0b0801eed8e491f9a06463e84e9bbbbd6b06be5f32035f7b6b9e669c7669e7b
b133bcfc1e8759b14ef4e3793fa705eb8db5877ef0fb4050f7da9ac346e9f505
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb03fcf91c0e0f07b5fd9a0a2e934bbcba5d1026fdd2631e3ded76c8a8bc098c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5c850074a6028d74f3e9165024b599bef1d198d41cd69332583bfdedb65d2e7
ca7902fc01ef265c1cd25c34ff6eb746c44807699004343909e6dcb850318de2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0603690f55001054a0a7087b8dc5107842b913c5d461ff1f5f70bd54bffa8aa
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e841ab2230caa48aca0bfb9bb614bcd16d2f26bf8268a51b2259516dc5351470
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8af0c3203e29e767bae4244852665df9c560458f7958962186e93faf3219da
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

antiflood.russ-forum.ru Open in urlscan Pro 91.194.2.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

42 %HTTPS

0 %IPv6

42 Domains

54 Subdomains

39 IPs

11 Countries

633 kBTransfer

2131 kBSize

62 Cookies

10 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

antiflood.russ-forum.ru Open in urlscan Pro
91.194.2.84 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

42 %
HTTPS

0 %
IPv6

42
Domains

54
Subdomains

39
IPs

11
Countries

633 kB
Transfer

2131 kB
Size

62
Cookies

96 HTTP transactions
0 data transactions