incom-service42.ru Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://links.495ru.ru/495link.gif HTTP 301
• https://vh68.timeweb.ru/parking/?ref=links.495ru.ru

Request Chain 27

• https://web.archive.org/web/20190109012914cs_/https://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic HTTP 302
• https://web.archive.org/web/20190109063032cs_/http://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic

Request Chain 28

• https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
• https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=

Request Chain 32

• https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai HTTP 302
• https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1

Request Chain 33

• https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604 HTTP 302
• https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604

Request Chain 36

• https://www.hoster.ru/?from=0JQxNjQ3MjA= HTTP 301
• https://hoster.ru/?from=0JQxNjQ3MjA=

Request Chain 38

• https://seopult.ru/ref/7aba1dea0c00951d HTTP 301
• https://promopult.ru/ref/7aba1dea0c00951d HTTP 302
• https://promopult.ru/ref.php?ref=7aba1dea0c00951d&r= HTTP 302
• https://promopult.ru/

Request Chain 39

• https://www.turbotext.ru/5849/ HTTP 302
• https://www.turbotext.ru/

Request Chain 40

• https://www.turbotext.ru/go5849-promo/rabota/ HTTP 302
• https://www.turbotext.ru/promo/rabota/

Request Chain 44

• https://www.sape.ru/r.366ba9adfc.php HTTP 302
• https://www.sape.ru/index.php?set_refid=366ba9adfc

Request Chain 45

• https://www.seowizard.ru/r.366ba9adfc.php HTTP 302
• https://www.sape.ru/?set_refid=366ba9adfc&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.366ba9adfc.php

Request Chain 46

• https://rtb.sape.ru/r.366ba9adfc.php HTTP 302
• https://www.sape.ru/?set_refid=366ba9adfc&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.366ba9adfc.php

Request Chain 47

• https://rt.sape.ru/r.366ba9adfc.php HTTP 301
• https://traffic.sape.ru/r.366ba9adfc.php HTTP 302
• https://www.sape.ru/?set_refid=366ba9adfc&r=rt&refurl=https://traffic.sape.ru/r.366ba9adfc.php

Request Chain 49

• https://loveplanet.ru/a-main/affiliate_id-11348/ HTTP 301
• https://loveplanet.ru/a-main/affiliate_id-11348

Request Chain 52

• https://www.etxt.ru/?r=javadf HTTP 301
• https://www.etxt.ru/

Request Chain 54

• https://advego.ru/1HvTwYhrvu HTTP 301
• https://advego.com/1HvTwYhrvu HTTP 301
• https://advego.com/1HvTwYhrvu/ HTTP 301
• https://advego.com/

Request Chain 55

• https://contentmonster.ru/?r=132917 HTTP 302
• https://contentmonster.ru/

Request Chain 57

• https://www.textsale.ru/team530894.html HTTP 301
• https://www.textsale.ru/landings/1/

Request Chain 58

• https://wmstream.ru/index.php?partnerId=8499 HTTP 301
• https://wmstream.pro/index.php?partnerId=8499 HTTP 301
• https://wmstream.pro/

Request Chain 59

• https://webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7 HTTP 301
• https://www.webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7

Request Chain 62

• https://changetime.ru/?partner=811 HTTP 301
• https://changetime.io/?partner=811

Request Chain 64

• https://wmkredit.ru/?from=781895912751 HTTP 301
• https://wmkredit.ru/?p=main

Request Chain 68

• https://hotellook.ru/?marker=129181 HTTP 302
• https://search.hotellook.com/?marker=129181&locale=ru_RU

Request Chain 69

• https://www.travelpayouts.com/?marker=129181&locale=ru HTTP 307
• https://www.travelpayouts.com/en/?marker=129181&locale=ru

Request Chain 72

• https://secretdiscounter.ru/?r=94939 HTTP 301
• https://secretdiscounter.com/?r=94939

Request Chain 73

• https://cash4brands.ru/569694/nrtVRcRfWqzQ/ HTTP 301
• https://kashback.com/569694/nrtVRcRfWqzQ/ HTTP 301
• https://kashback.com/cashback/aliexpress/?prefid=569694

Request Chain 79

• https://x.bidswitch.net/sync?ssp=between HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=48a997aa-7a39-4372-b387-b313a6da19a2 HTTP 302
• https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=48a997aa-7a39-4372-b387-b313a6da19a2 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=08e8162c-0872-45b9-b493-0a88a2d72a85&user_group=1&ssp=between&bsw_param=48a997aa-7a39-4372-b387-b313a6da19a2 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2

Request Chain 80

• https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
• https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS0yaXBrb3JaRTJ1RlkzS0M4cWxxY1NZX2xtUTVZaFNwdzNkY0taN3ctfkE%3D&gdpr=0&gdpr_consent=

Request Chain 81

• https://px.adhigh.net/p/cm/btw HTTP 302
• https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0hgPbyzVv4Q.AikABlGFTw2rXg

Request Chain 84

• https://x.bidswitch.net/sync?ssp=between HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
• https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 307
• https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 302
• https://x.bidswitch.net/sync?dsp_id=59&user_id=98d1d95c-db90-41be-ac44-bf18fbd4e005&ssp=between HTTP 302
• https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2

Request Chain 88

• https://sync.bumlam.com/?src=aid0 HTTP 302
• https://sync.bumlam.com/?src=aid0&s_data=CAIQARjc-6adBqIBEBhK2EaFMhHtocQAJZDIJDc* HTTP 302
• https://x01.aidata.io/0.gif?pid=ADSNIPER&id=184ad846-8532-11ed-a1c4-002590c82437 HTTP 302
• https://x01.aidata.io/0.gif?pid=ADSNIPER&id=184ad846-8532-11ed-a1c4-002590c82437&bounce=1 HTTP 302
• https://sync.bumlam.com/?src=aid1&uid=LEk8n%2BxDlx9utSeGh5I%2BuQ& HTTP 302
• https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437 HTTP 302
• https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437?redir-setuniq=1

Request Chain 89

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 92

• https://db.c9.b2.a2.top.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536 HTTP 302
• https://top-fwz1.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536

Request Chain 97

• https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128 HTTP 302
• https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128

Request Chain 105

• https://x.bidswitch.net/sync?dsp_id=429&user_id=4f58f554-3780-5268-b3eb-571cd042eac7&expires=60 HTTP 302
• https://us.ck-ie.com/bidswitch921.gif?puid=48a997aa-7a39-4372-b387-b313a6da19a2&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response incom-service42.ru/	34 KB 8 KB	190ms 132ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2f23945bdfdb075a47443c66102481a075e67ac5bcbc5e274802261ff09365f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 77fada38eb9f90ef-FRA content-encoding br content-type text/html date Mon, 26 Dec 2022 15:29:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzuD%2F%2FJHxlUrSGY1Pz7DeJ7Eu3EmtGPsiKLA35u8xHkk4dok5PQY2gbQyGu4gYO35UnaGK5vaJAEbfwMV40E9uxNJOBC0b9Ip%2FhXlvqRd5Vey03H1PU7bXOqwVZWIpI7Ra%2Bp5y%2BhN5Wg9SIT3A9KGZc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	common_e94d.css incom-service42.ru/css/	340 KB 62 KB	221ms 220ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incom-service42.ru/css/common_e94d.css Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5550bf3bcb884d2827a272b36161c8b42eea1ad9f8f0563e5334e544b5fd5811 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding br cf-cache-status MISS last-modified Mon, 26 Dec 2022 08:40:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a95dee-55029" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxOScIgGA2rWS%2BqTVyTG1p6Cg6IM5aSexjrP8pdWhpjRcEU2w55A%2Fd5QGffJUPItDEy4fT3Nbe3EWw6vW9kOjNnYcLdQzha8Ai424pX3f4q9y2PTJLqY9%2FVgK9uoNToAcV51pEk%2BNQUo9a1aUl9fHkQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=86400 cf-ray 77fada39cd6290ef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 27 Dec 2022 15:29:31 GMT
GET		logo%20_new2.jpg i.incom-service42.ru/u/pic/74/9321e6660e11e3ac04a446f3284aaa/-/	0 0
GET		thumbl_600x220.jpg i.incom-service42.ru/u/pic/40/08fc4a22ae11e49907fe04c55aa83f/-/	0 0
GET		remont_noutbukov.png i.incom-service42.ru/u/pic/f5/c462787acc11e5ab359a0e701908a7/-/	0 0
GET		remont_kompjuterov.png i.incom-service42.ru/u/pic/fd/042cee7acc11e5b8cffb00484fb2b2/-/	0 0
GET		i.jpg i.incom-service42.ru/u/pic/00/7363ae7acd11e59e61fc20b0ec0297/-/	0 0
GET		1.jpg i.incom-service42.ru/u/pic/03/03bfce7acd11e5bc94d8896018b83f/-/	0 0
GET		fon21a.png i.incom-service42.ru/u/pic/0c/6710667acd11e5ad92c5d82f4c375c/-/	0 0
GET		remont_noutbukov%20%281%29.png i.incom-service42.ru/u/f2/db496e7acc11e58a6193a64c673ff9/-/	0 0
GET		logo.png i.incom-service42.ru/u/01/dda0b479ee11e4a3e79bcdb598dda0/-/	0 0
GET		%D0%B0%D0%BA%D0%B1.jpg i.incom-service42.ru/u/70/c600247ac011e58d76d21a0ed3320f/-/	0 0
GET		%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D0%B0%D1%82%D1%83%D1%80%D0%B0.jpg i.incom-service42.ru/u/71/56983c7ac011e5b03ab6d0cee831ed/-/	0 0
GET		%D1%88%D0%B0%D1%80%D0%BD%D0%B8%D1%80%D1%8B.%D0%BF%D0%B5%D1%82%D0%BB%D0%B8.jpg i.incom-service42.ru/u/72/3109727ac011e59022b0a42b98462b/-/	0 0
GET		%D1%80%D0%B0%D0%B7%D1%8A%D0%B5%D0%BC%D1%8B.jpg i.incom-service42.ru/u/71/fd63387ac011e5a5748aa9bc1de1b2/-/	0 0
GET		%D0%BC%D0%B0%D1%82%D1%80%D0%B8%D1%86%D0%B0.jpg i.incom-service42.ru/u/71/ca290a7ac011e59ca2b6e555e069ec/-/	0 0
GET		%D0%BA%D1%83%D0%BB%D0%B5%D1%80.jpg i.incom-service42.ru/u/71/95dcea7ac011e5ab90ce14dc028b0f/-/	0 0
GET		%D0%B1%D0%BF.jpg i.incom-service42.ru/u/71/179e707ac011e5aa3ec2227014b0b8/-/	0 0
GET		%D1%81%D0%B5%D0%BD%D1%81%D0%BE%D1%80%D1%8B.jpg i.incom-service42.ru/u/d2/7203ec7ac311e59c8f97ad0b738920/-/	0 0
GET		%D1%88%D0%BB%D0%B5%D0%B9%D1%84%D1%8B%20%D0%BC%D0%B0%D1%82%D1%80%D0%B8%D1%86.jpg i.incom-service42.ru/u/72/6acbbc7ac011e5896fb68f55179b3f/-/	0 0
GET		logo%20_new2.jpg i.incom-service42.ru/u/49/c1a769d71a6d5389f859c838d26b81/-/	0 0
GET		ima454ges.jpg i.incom-service42.ru/u/80/e3ed9871cf3d2a91571c735396e605/-/	0 0
GET H2	200	93589.js Show response cache.betweendigital.com/sections/2/	14 KB 4 KB	162ms 20ms	Script application/javascript	151.236.118.146 CDNETWORKS
General Check archive.org Show headers Download Go to Full URL https://cache.betweendigital.com/sections/2/93589.js Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash a594e557160b857a016b76f3b4dd7231f5ea7422e48746f2dc1759f5d376540b Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip last-modified Tue, 05 Feb 2019 23:31:20 GMT server nginx x-cdn-edge-id 310 etag W/"5c5a1cc8-3906" content-type application/javascript x-cdn-edge-cache HIT x-cdn-request-id 98b4c49070f2a1c978c438dc3f8e8ff0
GET H2	200	/ vh68.timeweb.ru/parking/ Redirect Chain https://links.495ru.ru/495link.gif https://vh68.timeweb.ru/parking/?ref=links.495ru.ru	0 0	272ms 107ms	Image text/html	2a03:6f00:1::5c35:607e TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://vh68.timeweb.ru/parking/?ref=links.495ru.ru Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Server 2a03:6f00:1::5c35:607e , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://vh68.timeweb.ru/parking/?ref=links.495ru.ru date Mon, 26 Dec 2022 15:29:31 GMT cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server nginx/1.14.1 content-length 185 content-type text/html
GET H2	200	css fonts.googleapis.com/	1 KB 964 B	107ms 31ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oranienbaum Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 77568cdb110c63d4528802782bc710d8ec012c4433e753750f08f2e131d4591d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 26 Dec 2022 15:27:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 26 Dec 2022 15:29:31 GMT
GET H2	404	includer.min.js incom-service42.ru/_s/f2083bee161813d8da7ce05093a2807b812d0fd9/build/js/	0 0	126ms 124ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incom-service42.ru/_s/f2083bee161813d8da7ce05093a2807b812d0fd9/build/js/includer.min.js?rev=f2083bee161813d8da7ce05093a2807b812d0fd9 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cY2s4g%2BoO8hbgmYwxYxKW732ZcFYafuDekOBmwd8GIkjE7Opue70m0tODc57xwmp4vsZi4jgUxcHWeT0lKHRsGkHCBK%2B0pB8nClBrWQH8l%2BJFsaOjf46wLJ0z6b2PRqV7OzQafAwm0SpQduVU%2B73No%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 77fada39ed9990ef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	async_rtb.js Show response cache.betweendigital.com/code/	307 KB 84 KB	23ms 22ms	Script application/javascript	151.236.118.146 CDNETWORKS
General Check archive.org Show headers Download Go to Full URL https://cache.betweendigital.com/code/async_rtb.js Requested by Host: cache.betweendigital.com URL: https://cache.betweendigital.com/sections/2/93589.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash 808aafc4b2f74faf566e26acb0047da550e21b5011aaab1710a7907355d942ed Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip last-modified Tue, 29 Nov 2022 13:01:10 GMT server nginx x-cdn-edge-id 310 etag W/"63860296-4cd4f" content-type application/javascript cache-control public, max-age=7200, immutable x-cdn-edge-cache HIT x-cdn-request-id 7bb487cd5dff6d0980c5f6711f1f0e3e
GET H2	200	1x1.gif cache.betweendigital.com/code/	43 B 243 B	47ms 46ms	Image image/gif	151.236.118.146 CDNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://cache.betweendigital.com/code/1x1.gif Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT last-modified Tue, 08 Oct 2019 15:27:01 GMT server nginx x-cdn-edge-id 310 etag "5d9caac5-2b" content-type image/gif x-cdn-edge-cache HIT accept-ranges bytes x-cdn-request-id bbb1f78c0a4e7f39b53b691ba68024df content-length 43
GET H2	200	css web.archive.org/web/20190109063032cs_/http://fonts.googleapis.com/ Redirect Chain https://web.archive.org/web/20190109012914cs_/https://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic https://web.archive.org/web/20190109063032cs_/http://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic	863 B 3 KB	588ms 588ms	Stylesheet text/css	207.241.237.3 INTERNET-ARCHIVE
General Check archive.org Show headers Download Go to Full URL https://web.archive.org/web/20190109063032cs_/http://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic Requested by Host: incom-service42.ru URL: https://incom-service42.ru/css/common_e94d.css Protocol H2 Server 207.241.237.3 Albuquerque, United States, ASN7941 (INTERNET-ARCHIVE, US), Reverse DNS Software nginx/1.19.5 / Resource Hash c62441951cbed18dbf6922aa40de479efe41830d423d1e8fa655b8e04d7c37ab Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:32 GMT content-security-policy default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org x-rl 0 x-app-server wwwb-app221 x-location All x-nid - x-archive-orig-vary Accept-Encoding x-archive-orig-timing-allow-origin * memento-datetime Wed, 09 Jan 2019 06:30:32 GMT server-timing captures_list;dur=319.607688, exclusion.robots;dur=0.182604, exclusion.robots.policy;dur=0.175831, RedisCDXSource;dur=0.589009, esindex;dur=0.008501, LoadShardBlock;dur=60.506010, PetaboxLoader3.datanode;dur=82.476520, CDXLines.iter;dur=39.451294, load_resource;dur=64.883475, PetaboxLoader3.resolve;dur=25.912402 content-length 863 x-archive-src top_domains-04000-20190109-064123/IA-FOC-top_domains-04000-20190109062614-00020.warc.gz x-ts 200 x-archive-guessed-content-type text/css x-archive-orig-access-control-allow-origin * x-archive-orig-server ESF server nginx/1.19.5 x-archive-orig-accept-ranges none referrer-policy no-referrer-when-downgrade x-tr 426 x-archive-guessed-charset utf-8 x-na 0 x-archive-orig-cache-control private, max-age=86400 content-type text/css; charset=utf-8 x-archive-orig-x-xss-protection 1; mode=block x-page-cache MISS permissions-policy interest-cohort=() x-archive-orig-date Wed, 09 Jan 2019 06:30:32 GMT x-archive-orig-x-frame-options SAMEORIGIN link <http://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="original", <https://web.archive.org/web/timemap/link/http://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="timegate", <https://web.archive.org/web/20120416081316/http://fonts.googleapis.com/css/?family=PT+Sans&amp;subset=latin,cyrillic>; rel="first memento"; datetime="Mon, 16 Apr 2012 08:13:16 GMT", <https://web.archive.org/web/20190108141606/https://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="prev memento"; datetime="Tue, 08 Jan 2019 14:16:06 GMT", <https://web.archive.org/web/20190109063032/http://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="memento"; datetime="Wed, 09 Jan 2019 06:30:32 GMT", <https://web.archive.org/web/20190109065115/https://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="next memento"; datetime="Wed, 09 Jan 2019 06:51:15 GMT", <https://web.archive.org/web/20221224205023/https://fonts.googleapis.com/css?family=PT+Sans&amp;subset=latin,cyrillic>; rel="last memento"; datetime="Sat, 24 Dec 2022 20:50:23 GMT" x-archive-orig-expires Wed, 09 Jan 2019 06:30:32 GMT Redirect headers date Mon, 26 Dec 2022 15:29:32 GMT x-rl 0 x-app-server wwwb-app225 x-location All x-nid - server-timing captures_list;dur=338.821449, exclusion.robots;dur=0.208710, exclusion.robots.policy;dur=0.201601, RedisCDXSource;dur=0.821437, esindex;dur=0.008593, LoadShardBlock;dur=89.609070, PetaboxLoader3.datanode;dur=29.656874, CDXLines.iter;dur=39.717038 content-length 0 x-archive-redirect-reason found capture at 20190109063032 x-ts 302 referrer-policy no-referrer-when-downgrade server nginx/1.19.5 x-tr 378 x-na 0 content-type text/plain; charset=utf-8 location https://web.archive.org/web/20190109063032cs_/http://fonts.googleapis.com/css?family=PT+Sans&subset=latin,cyrillic x-page-cache MISS permissions-policy interest-cohort=()
GET H2	200	fltiukqt.js Show response pixel.yabidos.com/ Redirect Chain https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=	3 KB 2 KB	34ms 34ms	Script application/javascript	104.16.200.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Server 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b139a792c0d099156ead87471d4ec42ce7f26067c21fe96b852e1f01c5b3fd5 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:32:03 GMT server cloudflare age 2939 vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 77fada3c0ace2ba4-FRA content-length 1597 expires Mon, 26 Dec 2022 17:29:31 GMT Redirect headers location https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=https://incom-service42.ru&x=&nci=&adtg=93589&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= date Mon, 26 Dec 2022 15:29:31 GMT cache-control max-age=3600 server cloudflare cf-ray 77fada3bda792ba4-FRA vary Accept-Encoding expires Mon, 26 Dec 2022 16:29:31 GMT
GET		ima3434ges.jpg i.incom-service42.ru/u/pic/ea/ee9c9c4a0f72498d5426bd90cc3649/-/	0 0
GET		im455ages.jpg i.incom-service42.ru/u/pic/5c/a69175530af54c01fe5e980ae794f6/-/	0 0
GET		b117ee82361fbc9387499191b69c9e.png i.incom-service42.ru/u/pic/f0/	0 0
GET H2	200	adi Show response ads.betweendigital.com/ Frame DD3D Redirect Chain https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1	6 KB 3 KB	28ms 28ms	Document text/html	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Requested by Host: cache.betweendigital.com URL: https://cache.betweendigital.com/code/async_rtb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 4c4bab4bc25a66dd48a81993014f1c981d3294a3a1f7aec0551af946d9167c41 Request headers Referer https://incom-service42.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 vary Accept-Encoding Redirect headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 location /adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1
GET H2	200	20321604 www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Redirect Chain https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604 https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604	43 B 297 B	54ms 54ms	Image image/gif	2001:6d0:4001::226 TNSMSK-
General Check archive.org Show headers Download Go to Show image Full URL https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Server 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU), Reverse DNS Software ms-counter-3.3.5/1.20.2 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 26 Dec 2022 15:29:31 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server ms-counter-3.3.5/1.20.2 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT Redirect headers pragma no-cache date Mon, 26 Dec 2022 15:29:31 GMT strict-transport-security max-age=2678400 server ms-counter-3.3.5/1.20.2 content-type image/gif location https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/20321604 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	impimg.gif pre.glotgrx.com/	26 B 231 B	82ms 29ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/impimg.gif?cb=1672068571558&qid=53532313f523632313f5436393&cid=964&s=https://incom-service42.ru&p=BX&x=&adtg=93589&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&ai=&flsrc=1 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:31:54 GMT server cloudflare age 2924 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 77fada3c9e089b8c-FRA content-length 26 expires Mon, 26 Dec 2022 17:29:31 GMT
GET H2	200	pp_a80e576a3afcdff90d77625a286a6c8411fe7fc7.js Show response pushprofit.ru/scripts/2563/ Frame DD3D	56 KB 11 KB	235ms 101ms	Script application/javascript	92.38.252.165 DINET-AS
General Check archive.org Show headers Download Go to Full URL https://pushprofit.ru/scripts/2563/pp_a80e576a3afcdff90d77625a286a6c8411fe7fc7.js Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.16.1 / Resource Hash df3c88ddd49ef9d25ff272865ff30a26af9794ee4cb8c985975d3cffab8a95a6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip last-modified Mon, 18 Feb 2019 11:37:40 GMT server nginx/1.16.1 etag W/"5c6a9904-df18" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin *
GET H2	200	/ hoster.ru/ Frame DD3D Redirect Chain https://www.hoster.ru/?from=0JQxNjQ3MjA= https://hoster.ru/?from=0JQxNjQ3MjA=	0 0	3308ms 3308ms	Image text/html	195.128.50.222 HOSTING-MSK
General Check archive.org Show headers Download Go to Show image Full URL https://hoster.ru/?from=0JQxNjQ3MjA= Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 195.128.50.222 , Russian Federation, ASN12616 (HOSTING-MSK, RU), Reverse DNS dproxy.hoster.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://hoster.ru/?from=0JQxNjQ3MjA= date Mon, 26 Dec 2022 15:29:31 GMT server nginx/1.10.2 content-length 185 content-type text/html
GET H2	200	/ work-zilla.com/ Frame DD3D	0 0	128ms 61ms	Image text/html	2606:4700:10::ac43:2050 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://work-zilla.com/?ref=397883 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2050 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H/1.1	200 OK	/ promopult.ru/ Frame DD3D Redirect Chain https://seopult.ru/ref/7aba1dea0c00951d https://promopult.ru/ref/7aba1dea0c00951d https://promopult.ru/ref.php?ref=7aba1dea0c00951d&r= https://promopult.ru/	0 0	179ms 179ms	Image text/html	217.197.112.94 E-STYLEISP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://promopult.ru/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Server 217.197.112.94 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU), Reverse DNS promopult.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers Date Mon, 26 Dec 2022 15:29:32 GMT Server nginx X-Powered-By PHP/8.0.26 Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type text/html; charset=utf-8 Location / Cache-Control no-cache,no-store,max-age=0,must-revalidate Connection keep-alive
GET H3	200	/ www.turbotext.ru/ Frame DD3D Redirect Chain https://www.turbotext.ru/5849/ https://www.turbotext.ru/	0 0	129ms 82ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.turbotext.ru/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H3 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijkVoWNu4YSxJ4wYg6Ce56n7NC1mcsxTccblu5oLA9csdz%2FYy%2FmIyUx%2FWCp9jHwuqNRVwYvRycxoLBfru5GkM4AXUk6OlfTlyAbIRn4PzKDKn7On2Ui9MoHyAT46NYBS85O3zy6KTfiMLLvCTZMD"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location / cf-ray 77fada3d0859994e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	/ www.turbotext.ru/promo/rabota/ Frame DD3D Redirect Chain https://www.turbotext.ru/go5849-promo/rabota/ https://www.turbotext.ru/promo/rabota/	0 0	118ms 73ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.turbotext.ru/promo/rabota/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H3 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:31 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71djrrh4Z3HumT3F6%2BrmOFKWn65%2BmBoW4DTk6IA6XaPdewT4Ovxrb%2BbOG7tLzWjUKc30%2BYvxaZ1DtRegP2spBX8APZkn%2F9TkDH9OhymluudH0bPgkBY06hYgjk56yGcgcb9A2Rd2Cyi1k3%2F%2B3s04"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /promo/rabota/ cf-ray 77fada3d085f994e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	/ www.mainlink.ru/ Frame DD3D	0 0	309ms 61ms	Image text/html	109.238.242.43 STACKGROUP
General Check archive.org Show headers Download Go to Show image Full URL https://www.mainlink.ru/?partnerid=24239 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 109.238.242.43 Moscow, Russian Federation, ASN200044 (STACKGROUP, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H/1.1	200 OK	5366 www.linkfeed.ru/ Frame DD3D	1 KB 2 KB	310ms 55ms	Image application/octet-stream	95.163.111.139 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.linkfeed.ru/5366 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.163.111.139 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx / Resource Hash 8d5473b26c9de2d8138f6b1a5c44b4e3f6d13789858cd869d1a95d78eca9050e Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Mon, 26 Dec 2022 15:29:31 GMT Last-Modified Sat, 28 Jun 2014 14:33:33 GMT Server nginx ETag "53aed23d-57e" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 1406
GET H/1.1	200 OK	5366 www.linkfeed.ru/reg/ Frame DD3D	0 0	352ms 98ms	Image text/html	95.163.111.139 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.linkfeed.ru/reg/5366 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.163.111.139 , Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	index.php www.sape.ru/ Frame DD3D Redirect Chain https://www.sape.ru/r.366ba9adfc.php https://www.sape.ru/index.php?set_refid=366ba9adfc	0 0	137ms 137ms	Image text/html	193.232.121.61 QWARTA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sape.ru/index.php?set_refid=366ba9adfc Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 193.232.121.61 , Russian Federation, ASN50214 (QWARTA, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://www.sape.ru/index.php?set_refid=366ba9adfc date Mon, 26 Dec 2022 15:29:31 GMT server nginx x-request-id 02faf8cc91b133f80d4e81a95a1f2006 content-type text/html; charset=utf-8
GET H2	200	/ www.sape.ru/ Frame DD3D Redirect Chain https://www.seowizard.ru/r.366ba9adfc.php https://www.sape.ru/?set_refid=366ba9adfc&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.366ba9adfc.php	0 0	84ms 84ms	Image text/html	193.232.121.61 QWARTA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sape.ru/?set_refid=366ba9adfc&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.366ba9adfc.php Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 193.232.121.61 , Russian Federation, ASN50214 (QWARTA, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://www.sape.ru/?set_refid=366ba9adfc&r=seowizard&refurl=https%3A%2F%2Fwww.seowizard.ru%2Fr.366ba9adfc.php date Mon, 26 Dec 2022 15:29:32 GMT server nginx content-length 138 content-type text/html
GET H2	200	/ www.sape.ru/ Frame DD3D Redirect Chain https://rtb.sape.ru/r.366ba9adfc.php https://www.sape.ru/?set_refid=366ba9adfc&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.366ba9adfc.php	0 0	336ms 336ms	Image text/html	193.232.121.61 QWARTA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sape.ru/?set_refid=366ba9adfc&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.366ba9adfc.php Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 193.232.121.61 , Russian Federation, ASN50214 (QWARTA, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers Location https://www.sape.ru/?set_refid=366ba9adfc&r=rtb&refurl=https%3A%2F%2Frtb.sape.ru%2Fr.366ba9adfc.php Date Mon, 26 Dec 2022 15:29:32 GMT Server nginx Connection keep-alive Content-Length 138 X-Request-ID db98bfbc2fe8e11d8fab0fc8805c2cfc Content-Type text/html
GET H2	200	/ www.sape.ru/ Frame DD3D Redirect Chain https://rt.sape.ru/r.366ba9adfc.php https://traffic.sape.ru/r.366ba9adfc.php https://www.sape.ru/?set_refid=366ba9adfc&r=rt&refurl=https://traffic.sape.ru/r.366ba9adfc.php	0 0	80ms 80ms	Image text/html	193.232.121.61 QWARTA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sape.ru/?set_refid=366ba9adfc&r=rt&refurl=https://traffic.sape.ru/r.366ba9adfc.php Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 193.232.121.61 , Russian Federation, ASN50214 (QWARTA, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers Location https://www.sape.ru/?set_refid=366ba9adfc&r=rt&refurl=https://traffic.sape.ru/r.366ba9adfc.php Date Mon, 26 Dec 2022 15:29:32 GMT Server nginx Connection keep-alive Content-Length 138 X-Request-ID a8b78f04d4b12c64aedc3eab97a0ce1d Content-Type text/html
GET		/ www.setlinks.ru/ Frame DD3D	0 0
GET H/1.1	200 OK	affiliate_id-11348 loveplanet.ru/a-main/ Frame DD3D Redirect Chain https://loveplanet.ru/a-main/affiliate_id-11348/ https://loveplanet.ru/a-main/affiliate_id-11348	0 0	147ms 147ms	Image text/html	185.134.204.229 ROSBUSINESSCONSUL...
General Check archive.org Show headers Download Go to Show image Full URL https://loveplanet.ru/a-main/affiliate_id-11348 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Server 185.134.204.229 , Russian Federation, ASN20848 (ROSBUSINESSCONSULTING-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers Date Mon, 26 Dec 2022 15:29:32 GMT Last-Modified Tue, 15 Nov 2016 10:46:39 GMT Server nginx Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Location /a-main/affiliate_id-11348 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Expires Mon, 26 Dec 2022 15:29:32 GMT
GET H/1.1	404 Not Found	/ www.linkpad.ru/ Frame DD3D	0 0	287ms 53ms	Image text/html	5.188.75.68 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://www.linkpad.ru/?e=67805b57 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 5.188.75.68 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	100pushups callbackhunter.com/ Frame DD3D	0 0	305ms 114ms	Image text/html	195.211.120.226 NOVOSYSTEM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://callbackhunter.com/100pushups Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.211.120.226 , Russian Federation, ASN34832 (NOVOSYSTEM-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	/ www.etxt.ru/ Frame DD3D Redirect Chain https://www.etxt.ru/?r=javadf https://www.etxt.ru/	0 0	97ms 96ms	Image text/html	2606:4700:10::ac43:aae CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.etxt.ru/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 2606:4700:10::ac43:aae , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://www.etxt.ru/ date Mon, 26 Dec 2022 15:29:32 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77fada40189d6907-FRA content-type text/html; charset=windows-1251
GET H2	404	javadf text.ru/ Frame DD3D	0 0	245ms 185ms	Image text/html	2606:4700:20::681a:40d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://text.ru/javadf Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:40d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H/1.1	502 Bad Gateway	/ advego.com/ Frame DD3D Redirect Chain https://advego.ru/1HvTwYhrvu https://advego.com/1HvTwYhrvu https://advego.com/1HvTwYhrvu/ https://advego.com/	0 0	138ms 137ms	Image text/html	185.65.149.181 QRATOR
General Check archive.org Show headers Download Go to Show image Full URL https://advego.com/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Server 185.65.149.181 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers Location https://advego.com/ Date Mon, 26 Dec 2022 15:29:32 GMT Server QRATOR Connection keep-alive Keep-Alive timeout=15 Content-Length 178 Content-Type text/html
GET H3	200	/ contentmonster.ru/ Frame DD3D Redirect Chain https://contentmonster.ru/?r=132917 https://contentmonster.ru/	0 0	134ms 90ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://contentmonster.ru/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H3 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers pragma no-cache date Mon, 26 Dec 2022 15:29:32 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uST7vnJ1JPez6JoBk5Giv8pCDNWXsZ1hgs%2FZfh9D74AbSTzf%2FReLKAYJ25aHbtDj%2BNeu%2FInCnQrN7i1LJ1lVRZIeV0ClKk6vZcreZBToMk4jz%2BctVszrDjjzNkWoVKcTYYit%2BZ9rX3NF%2FS1r%2FCEIfw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location https://contentmonster.ru/ cache-control no-store, no-cache, must-revalidate cf-ray 77fada411c189054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET		setup copylancer.ru/part/ Frame DD3D	0 0
GET H2	200	/ www.textsale.ru/landings/1/ Frame DD3D Redirect Chain https://www.textsale.ru/team530894.html https://www.textsale.ru/landings/1/	0 0	67ms 67ms	Image text/html	77.222.62.73 SWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.textsale.ru/landings/1/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 77.222.62.73 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS dedi163.sweb.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://www.textsale.ru/landings/1/ date Mon, 26 Dec 2022 15:29:32 GMT server nginx/1.19.1 x-powered-by PHP/5.3.29-pl0-gentoo content-length 0 content-type text/html; charset=windows-1251
GET H3	200	/ wmstream.pro/ Frame DD3D Redirect Chain https://wmstream.ru/index.php?partnerId=8499 https://wmstream.pro/index.php?partnerId=8499 https://wmstream.pro/	0 0	177ms 128ms	Image text/html	2606:4700:3037::6815:53b3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wmstream.pro/ Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H3 Server 2606:4700:3037::6815:53b3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:32 GMT strict-transport-security max-age=31536000; cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MWSeZkHIi1U8%2BDW0Q2dslRdbBCHZo5a4%2BnWHF1PP7Ehv1HvCgoH1L261dVW4zaBOoEM6RfBWgvgL0wAJMRhsTRUmyYU63bHvYvGWj4LzbK9V123rkDh2guJjNWgd1QRMQzzxr3cSHdCUN0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://wmstream.pro/ cf-ray 77fada42bff55be5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ www.webeffector.ru/ Frame DD3D Redirect Chain https://webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7 https://www.webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7	0 0	86ms 26ms	Image text/html	94.130.165.33 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 94.130.165.33 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS support.webeffector.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://www.webeffector.ru/?invitation=50baee118aaf9b5f672690e9d7a9afe7 date Mon, 26 Dec 2022 15:29:32 GMT server nginx content-length 178 content-type text/html
GET		partner.asp www.changemoney.me/ Frame DD3D	0 0
GET H/1.1	200 OK	index.php superlend.ru/ Frame DD3D	0 0	544ms 423ms	Image text/html	95.183.54.122 SOLARCOM
General Check archive.org Show headers Download Go to Show image Full URL https://superlend.ru/index.php?pid=83077 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.183.54.122 , Switzerland, ASN197988 (SOLARCOM, CH), Reverse DNS superlend.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	/ changetime.io/ Frame DD3D Redirect Chain https://changetime.ru/?partner=811 https://changetime.io/?partner=811	0 0	527ms 466ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://changetime.io/?partner=811 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:32 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-redirect-by WordPress alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache server cloudflare access-control-allow-methods GET,PUT,POST,DELETE content-type text/html; charset=UTF-8 location https://changetime.io/?partner=811 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2i1tuxz1ejaIlteNsnYI7xths9uRbAUFkxXeI8A8lqu9gqBrjVHGLg0YnPi9F4zjDa1riFQjPABUWdXC9qFfhp54mrrf30zQ6VvqnuoPIAm6c%2FRKv771K%2Be%2FNc3nJV5vRklyICtbQ1DyUAz"}],"group":"cf-nel","max_age":604800} cf-ray 77fada42b92a9a33-FRA access-control-allow-headers Content-Type, Authorization expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	/ www.wmsim.ru/ Frame DD3D	0 0	1213ms 1039ms	Image text/html	2a00:f940:2:1:2::e5 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://www.wmsim.ru/?pid=781895912751 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:f940:2:1:2::e5 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H/1.1	200 OK	/ wmkredit.ru/ Frame DD3D Redirect Chain https://wmkredit.ru/?from=781895912751 https://wmkredit.ru/?p=main	0 0	227ms 227ms	Image text/html	185.253.32.246 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://wmkredit.ru/?p=main Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Server 185.253.32.246 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS wmkredit.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers X-UA-Compatible IE=edge Pragma no-cache Date Mon, 26 Dec 2022 15:29:32 GMT Content-Encoding gzip Strict-Transport-Security max-age=31536000; Server nginx/1.14.1 X-Powered-By PHP/7.2.34 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Location https://wmkredit.ru/?p=main Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	/ megabonus.com/ Frame DD3D	0 0	510ms 427ms	Image text/html	54.217.74.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://megabonus.com/?u=370870 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.217.74.74 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-217-74-74.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET		e70735b52652e98279ef16d9 minergate.com/a/ Frame DD3D	0 0
GET H2	200	/ www.aviasales.ru/ Frame DD3D	0 0	340ms 271ms	Image text/html	2606:4700:10::6816:3d96 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aviasales.ru/?marker=129181 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3d96 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	/ search.hotellook.com/ Frame DD3D Redirect Chain https://hotellook.ru/?marker=129181 https://search.hotellook.com/?marker=129181&locale=ru_RU	0 0	159ms 92ms	Image text/html	23.111.238.40 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://search.hotellook.com/?marker=129181&locale=ru_RU Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location https://search.hotellook.com?marker=129181&locale=ru_RU date Mon, 26 Dec 2022 15:29:33 GMT cache-control no-cache content-type text/html server nginx/1.16.1 content-length 138 expires Mon, 26 Dec 2022 15:29:32 GMT
GET H2	200	/ www.travelpayouts.com/en/ Frame DD3D Redirect Chain https://www.travelpayouts.com/?marker=129181&locale=ru https://www.travelpayouts.com/en/?marker=129181&locale=ru	0 0	66ms 66ms	Image text/html	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/en/?marker=129181&locale=ru Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers location /en/?marker=129181&locale=ru date Mon, 26 Dec 2022 15:29:33 GMT x-proxied-to-node true server nginx
GET H2	200	/ wm.cash/ Frame DD3D	0 0	702ms 502ms	Image text/html	2606:4700:20::681a:56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wm.cash/?p=4cdf56a26720da8f776d4a8ae13daad2 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	/ pushprofit.ru/ Frame DD3D	0 0	94ms 94ms	Image text/html	92.38.252.165 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pushprofit.ru/?pid=b41939d9374f3077c764c9059c3b850f01b49ac5 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	/ secretdiscounter.com/ Frame DD3D Redirect Chain https://secretdiscounter.ru/?r=94939 https://secretdiscounter.com/?r=94939	0 0	545ms 462ms	Image text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://secretdiscounter.com/?r=94939 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF4J3n4%2FQ2eQlHCWtKXs7JCFjJgXEJLo3MpCk9ur0TtsaOwHijgZUjKPfu6Fq2LG0u5iCIj8Rb0TvFAAqeNGENmxGfBbVvv02yoej3jUM5LgcJyFojGoKu2K31U6GxWQZLhxNqMph%2B%2FWDnmg2K8CT%2F0h"}],"group":"cf-nel","max_age":604800} location https://secretdiscounter.com/?r=94939 cache-control max-age=3600 cf-ray 77fada47e917bbaa-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Mon, 26 Dec 2022 16:29:33 GMT
GET H2	200	/ kashback.com/cashback/aliexpress/ Frame DD3D Redirect Chain https://cash4brands.ru/569694/nrtVRcRfWqzQ/ https://kashback.com/569694/nrtVRcRfWqzQ/ https://kashback.com/cashback/aliexpress/?prefid=569694	0 0	357ms 356ms	Image text/html	146.185.211.174 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kashback.com/cashback/aliexpress/?prefid=569694 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 146.185.211.174 London, United Kingdom, ASN47764 (VK-AS, RU), Reverse DNS 174.mcs.mail.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Redirect headers date Mon, 26 Dec 2022 15:29:33 GMT x-content-type-options nosniff last-modified Thu, 01 Jan 1970 00:00:00 GMT server nginx/1.18.0 (Ubuntu) etag W/"369f4aea4072d514dd7526e50891c652" x-https 1 vary Cookie content-type text/html; charset=utf-8 location https://kashback.com/cashback/aliexpress/?prefid=569694 cache-control max-age=3600, s-maxage=3600 content-length 0 expires Mon, 26 Dec 2022 16:29:33 GMT
GET H2	200	/ 5bucks.ru/ Frame DD3D	0 0	670ms 474ms	Image text/html	45.130.41.89 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://5bucks.ru/?ref=25659 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.130.41.89 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.pinkman.beget.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	sspmatch-js Show response lbs-eu1.ads.betweendigital.com/ Frame DD3D	828 B 926 B	34ms 28ms	Script text/javascript	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://lbs-eu1.ads.betweendigital.com/sspmatch-js?randsalt=606963&p=32598&gdpr=0&consent= Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 9ef7a12bc3df3e06d2d4e39be1090db42c844222e003cd405da89faa4d218430 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 828 content-type text/javascript
GET H2	200	pmListener.js Show response cache.betweendigital.com/ Frame DD3D	3 KB 1 KB	26ms 20ms	Script application/javascript	151.236.118.146 CDNETWORKS
General Check archive.org Show headers Download Go to Full URL https://cache.betweendigital.com/pmListener.js Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash 7aa631033bbe188024b7562121e4bfa2fc17d00b5a982aec980c521b242d498e Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT content-encoding gzip last-modified Wed, 03 Feb 2021 14:20:14 GMT server nginx x-cdn-edge-id 310 etag W/"601ab11e-caf" content-type application/javascript x-cdn-edge-cache HIT x-cdn-request-id 1dd325a1690a023d8669d0e411df8194
GET H2	200	setup.com.600416.js Show response jsc.marketgid.com/s/e/ Frame 234F	124 KB 33 KB	581ms 512ms	Script text/javascript	2606:4700:3036::6815:2ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.marketgid.com/s/e/setup.com.600416.js?t=122112615 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:2ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36f7e7d877f471df87c6e799d97e903e98cad08e6e5788be5f40143221b972f8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:33 GMT x-amz-version-id null content-encoding br cf-cache-status MISS last-modified Tue, 21 May 2019 07:47:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b840ebba21ded48b70b8a126a3b2ab02" x-cache-status MISS vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u6MK4vzLUteaKMV50J85ZyxlilYWK%2FDGb529h%2Fa9YsJ8CRg4z8fYvVgvau9WivDRmDSOWPp2DV6yp1ECyCl9tUKzfXMsWFRxl%2BCllVnEl0YyAhkwtb4sy7d6ltSX6zBw5QD3HTmIy7fiQkURbcWDw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=31536000 cf-ray 77fada48282d9972-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bidder_18.html Show response cache.betweendigital.com/code/ Frame 757D	4 KB 1 KB	23ms 20ms	Document text/html	151.236.118.146 CDNETWORKS
General Check archive.org Show headers Download Go to Full URL https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4f58f554-3780-5268-b3eb-571cd042eac7&CACHEBUSTER=807065 Requested by Host: lbs-eu1.ads.betweendigital.com URL: https://lbs-eu1.ads.betweendigital.com/sspmatch-js?randsalt=606963&p=32598&gdpr=0&consent= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash 0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878 Request headers Referer https://ads.betweendigital.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html date Mon, 26 Dec 2022 15:29:31 GMT etag W/"638623e5-e7e" last-modified Tue, 29 Nov 2022 15:23:17 GMT server nginx x-cdn-edge-cache HIT x-cdn-edge-id 310 x-cdn-request-id bf2bf40cdcbd93486d84f756b7bfa2c9
GET H2	200	match ads.betweendigital.com/ Frame DD3D Redirect Chain https://x.bidswitch.net/sync?ssp=between https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=48a997aa-7a39-4372-b387-b313a6da19a2 https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=48a997aa-7a39-4372-b387-b313a6da19a2 https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=08e8162c-0872-45b9-b493-0a88a2d72a85&user_group=1&ssp=between&bsw_param=48a997aa-7a39-4372-b387-b313a6da19a2 https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2	68 B 607 B	28ms 28ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location //ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2 date Mon, 26 Dec 2022 15:29:33 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	match ads.betweendigital.com/ Frame DD3D Redirect Chain https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS0yaXBrb3JaRTJ1RlkzS0M4cWxxY1NZX2xtUTVZaFNwdzNkY0taN3ctfkE%3D&gdpr=0&gdpr_consent=	68 B 607 B	27ms 27ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS0yaXBrb3JaRTJ1RlkzS0M4cWxxY1NZX2xtUTVZaFNwdzNkY0taN3ctfkE%3D&gdpr=0&gdpr_consent= Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS0yaXBrb3JaRTJ1RlkzS0M4cWxxY1NZX2xtUTVZaFNwdzNkY0taN3ctfkE%3D&gdpr=0&gdpr_consent= date Mon, 26 Dec 2022 15:29:33 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	match ads.betweendigital.com/ Frame DD3D Redirect Chain https://px.adhigh.net/p/cm/btw https://px.adhigh.net/p/cm/btw?bounced=1 https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0hgPbyzVv4Q.AikABlGFTw2rXg	68 B 607 B	32ms 31ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0hgPbyzVv4Q.AikABlGFTw2rXg Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers pragma no-cache date Mon, 26 Dec 2022 15:29:34 GMT server nginx x-backend-id f23-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * location https://ads.betweendigital.com/match?bidder_id=37&external_user_id=0hgPbyzVv4Q.AikABlGFTw2rXg cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	204	btw sync.dmp.otm-r.com/match/ Frame DD3D	0 69 B	190ms 57ms	Image text/plain	194.55.244.186 PROCLOUD PROCLOUD...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.dmp.otm-r.com/match/btw?id=4f58f554-3780-5268-b3eb-571cd042eac7 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.55.244.186 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU), Reverse DNS Software nginx/1.23.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Mon, 26 Dec 2022 15:29:34 GMT server nginx/1.23.2
GET H2	200	js ads.betweendigital.com/	68 B 159 B	28ms 27ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/js?en=anNfcnVu&context=AAAAAKulojNhdgACdwA0A9VTT2vUQBRPXsNSSqlSxKMEkdCCyU6SSTaxhNpWsNg__qsWvCyTZNKdbpqsSdpte6o3vYgfYa9-AEXrZxDXm0fx5EXoQfDqZLvbLqWCR33JvJn33ryZ937vDSxGuOb6uq6rxDVsFbvEVl3LNlWrhi0LG7YRugT0d78-Ho4_f_nj6DUZ3WG0LQiAG0XRym9UqywJ0i01p9kOCyg2tGwb7D_bqnDZrGnY0VysmTZ8F1fSfRbHpGppSJ5aZ0mYtnN5dU3WkYZmZK6w8Yy8a-Npea7Viuk69ZdYUbX4IaYtTy0trq0sX5dj1qTybRo002l5oZGlW7SqI0dDmmVarqYbWH5IIpKxvh-MmYblOoOpYiC-dk3LceHrCHQqIIAEAIs4spyIw6CaNQeplmE7qm9Sn4OjByHCBiVB7S93XTsHJgEmM7pTzxskowAIynuFkkoOko44W13mS26TkhguncIDoMPELZo3i7QFY3eLBs16rnCl-6r7ofume_j5Gefv5cFxAlQW7q1AT4BvMCgQCXPNp0Wb0iRkG6wgscbD5Go2G2Wxh5RWmnt-ESnFPheiUpNmoWfYJnadGraxjSzDMJUs80KW0aBQojTwdCWr5_Qp31zEoUfWrU3fQEVgPN4Lt-LNJ2v395aTO7pSkI21vRb1-G1K2zMwUhoeRkjJvV4tlM288AhTgizydA7NxYjEsU-CJi8OTwPGDLOGOEYA_dFPtJci5-PHnQAV3gonMAzN_w8dzQ5LZ-Pn8sEsvC2faJ_31GIPhZ755hxneJ7rYMhbLHf8A6-xIwlnAimj60iVB4_mzyIBV9MkZgmts1a9keYFSzZAgPNLOhpv7-q9RH-ODHAUJ3ib7fImq3QmxIMX-33fTxfK_5gmh2CGL9JxT4m8w8RTw-kzPQlM4p8oDJN0Ur2B_jc=&tld=aW5jb20tc2VydmljZTQyLnJ1 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png
GET H2	200	match ads.betweendigital.com/ Frame 757D Redirect Chain https://x.bidswitch.net/sync?ssp=between https://x.bidswitch.net/ul_cb/sync?ssp=between https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween https://x.bidswitch.net/sync?dsp_id=59&user_id=98d1d95c-db90-41be-ac44-bf18fbd4e005&ssp=between https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2	68 B 607 B	29ms 29ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cache.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location //ads.betweendigital.com/match?bidder_id=22&external_user_id=48a997aa-7a39-4372-b387-b313a6da19a2 date Mon, 26 Dec 2022 15:29:31 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	style.css pushprofit.ru/p/p/ Frame DD3D	2 KB 2 KB	64ms 63ms	Stylesheet text/css	92.38.252.165 DINET-AS
General Check archive.org Show headers Download Go to Full URL https://pushprofit.ru/p/p/style.css Requested by Host: pushprofit.ru URL: https://pushprofit.ru/scripts/2563/pp_a80e576a3afcdff90d77625a286a6c8411fe7fc7.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.38.252.165 Reutov, Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software nginx/1.16.1 / Resource Hash ded715c740d9a872ff89710b9d67c226e025536fa3d163db3c9c60d69bd68796 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ads.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:31 GMT last-modified Tue, 27 Aug 2019 11:22:11 GMT server nginx/1.16.1 etag "5d651263-7d7" content-type text/css access-control-allow-origin * accept-ranges bytes content-length 2007
GET DATA	200 OK	truncated / Frame DD3D	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash baa489235b654c67742369795c2a36d2afb907171435615fce2a14d4923e6571 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame DD3D	866 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 007fd3331ebca0d132ff9958526fa8e875b2d9b2b8a2ff5bd3ea1cbf3f5a7fb8 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H2	200	184ad846-8532-11ed-a1c4-002590c82437 an.yandex.ru/mapuid/adsniperis/ Frame 757D Redirect Chain https://sync.bumlam.com/?src=aid0 https://sync.bumlam.com/?src=aid0&s_data=CAIQARjc-6adBqIBEBhK2EaFMhHtocQAJZDIJDc* https://x01.aidata.io/0.gif?pid=ADSNIPER&id=184ad846-8532-11ed-a1c4-002590c82437 https://x01.aidata.io/0.gif?pid=ADSNIPER&id=184ad846-8532-11ed-a1c4-002590c82437&bounce=1 https://sync.bumlam.com/?src=aid1&uid=LEk8n%2BxDlx9utSeGh5I%2BuQ& https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437 https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437?redir-setuniq=1	43 B 108 B	61ms 61ms	Image image/gif	2a02:6b8::90 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437?redir-setuniq=1 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://cache.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 26 Dec 2022 15:29:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 26 Dec 2022 15:29:32 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 26 Dec 2022 15:29:32 GMT Redirect headers pragma no-cache date Mon, 26 Dec 2022 15:29:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 26 Dec 2022 15:29:32 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/adsniperis/184ad846-8532-11ed-a1c4-002590c82437?redir-setuniq=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 26 Dec 2022 15:29:32 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame EC60 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu	281 B 554 B	72ms 20ms	Document text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu Requested by Host: cache.betweendigital.com URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4f58f554-3780-5268-b3eb-571cd042eac7&CACHEBUSTER=807065 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://cache.betweendigital.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Mon, 26 Dec 2022 15:29:32 GMT ETag "403b9-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Mon, 26 Dec 2022 15:29:32 GMT location https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu server AkamaiGHost
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame EC60	34 KB 10 KB	22ms 22ms	Script text/html	104.109.78.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-109-78-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash f02d584e01f9b2375ce4b44e694fe86d666e3dfd83c7f46a5fec0f5cef6cb89b Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Mon, 26 Dec 2022 15:29:32 GMT Content-Encoding gzip Last-Modified Mon, 26 Dec 2022 07:39:31 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=58148 Connection keep-alive Content-Length 10067 Expires Tue, 27 Dec 2022 07:38:40 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame EC60	284 B 536 B	113ms 22ms	Image image/jpg	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language nl-NL,nl;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	counter top-fwz1.mail.ru/ Redirect Chain https://db.c9.b2.a2.top.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536 https://top-fwz1.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536	606 B 1 KB	167ms 54ms	Image image/gif	95.163.52.67 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash d6995184a71e9a814f414e491c1dba1dbc77c7fd650dd0c8ac45322535fdfb53 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:33 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 606 pragma no-cache amp-access-control-allow-source-origin * server nginx accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * accept-ch-lifetime 86400 access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers * Redirect headers date Mon, 26 Dec 2022 15:29:33 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 0 pragma no-cache amp-access-control-allow-source-origin * server nginx accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS accept-ch-lifetime 86400 location https://top-fwz1.mail.ru/counter?id=2267909;t=49;js=13;r=;j=false;s=1600*1200;d=24;rand=0.9909281930210536 access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers *
GET DATA	200 OK	truncated /	122 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13a8676af1a0f8f24fb8a559fc7db67d518109a45168283c97248a80f8a84d1b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	117 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a528f40c0cf896c25e43281a531615524cb6c4946c3b5916971a14e9c6c09ce6 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	240 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 163e71817996df558a987acc8d603fccedd6068a2fa2cb9e013c51b67082039d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	117 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash df0f4c2aeb7f492fa8115334b0f2065f12401da39171f7dc0e44f82a6e76df32 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128 https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128	119 B 605 B	53ms 53ms	Image image/gif	88.212.201.198 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol HTTP/1.1 Server 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host198.rax.ru Software nginx/1.17.9 / Resource Hash 6e8683af9a1562be54a15204a33238e1d04f7dea2760248a36cca6c88c619165 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Mon, 26 Dec 2022 15:29:33 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type image/gif P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Length 119 Expires Sat, 25 Dec 2021 21:00:00 GMT Redirect headers Pragma no-cache Date Mon, 26 Dec 2022 15:29:33 GMT Strict-Transport-Security max-age=86400 Server nginx/1.17.9 Content-Type text/html Location https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//incom-service42.ru/;0.15052816076614128 P3P policyref="/w3c/p3p.xml", CP="UNI" Cache-control no-cache Connection keep-alive Content-Length 32 Expires Sat, 25 Dec 2021 21:00:00 GMT
GET		watch.js mc.asdasdasdasdasd.ru/metrika/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	70ms 20ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 26 Dec 2022 15:24:37 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 295 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Mon, 26 Dec 2022 17:24:37 GMT
GET H3	404	top.png incom-service42.ru/web/20190109012914im_/http://incom-service42.ru/_s/i/new/	196 B 196 B	157ms 157ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://incom-service42.ru/web/20190109012914im_/http://incom-service42.ru/_s/i/new/top.png Requested by Host: incom-service42.ru URL: https://incom-service42.ru/css/common_e94d.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/css/common_e94d.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:33 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIPWbciJl%2BUVp6mjvdGcpVrBxNxuNn2j9%2FmCXUPv%2BJDqxIS0YKfqe08zJIZJpLUNQBqeURoq8%2BxCQi1o8FTH52R6syPooxdoRd8E%2BikYWVkfV8RFCDQAICZCWXtgLudRN0%2FsRcadx%2Fv1dpuhkrrOV%2FI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 77fada449e249290-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	setup_bottom_logo_3x.png incom-service42.ru/web/20190109012914im_/http://incom-service42.ru/_s/i/	196 B 196 B	123ms 123ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://incom-service42.ru/web/20190109012914im_/http://incom-service42.ru/_s/i/setup_bottom_logo_3x.png Requested by Host: incom-service42.ru URL: https://incom-service42.ru/css/common_e94d.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/css/common_e94d.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 15:29:32 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mOWCZYz7d6pMUXhLXE%2ByoCmNHc%2F8fxHOaES7UptlzY%2F4%2B8pfHv%2B6riG8e314CkHiIn0f83zHyzXgNBLRP9i2WB8YIKvHFjdBf%2B9Lm79vFHnQGhHg%2BJeaI75WSP2hkagz%2ByNpsamJIo67S2AcRyUYow%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 77fada449e269290-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		jizaRExUiTo99u79D0aEwA.ttf web.archive.org/web/20190109063032im_/http://fonts.gstatic.com/s/ptsans/v9/	0 0
GET H2	200	807065 www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 757D	43 B 416 B	54ms 54ms	Image image/gif	2001:6d0:4001::226 TNSMSK-
General Check archive.org Show headers Download Go to Show image Full URL https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/807065 Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU), Reverse DNS Software ms-counter-3.3.5/1.20.2 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=2678400 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cache.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Mon, 26 Dec 2022 15:29:32 GMT strict-transport-security max-age=2678400 last-modified Mon, 28 Sep 1970 06:00:00 GMT server ms-counter-3.3.5/1.20.2 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	76ms 28ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1571294623&t=pageview&_s=1&dl=https%3A%2F%2Fincom-service42.ru%2F&ul=en-us&de=UTF-8&dt=%22%D0%98%D0%BD%D0%BA%D0%BE%D0%BC-%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%22%20%D0%A0%D0%B5%D0%BC%D0%BE%D0%BD%D1%82%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%BE%D1%83%D1%82%D0%B1%D1%83%D0%BA%D0%BE%D0%B2%2C%20%D0%BF%D0%BB%D0%B0%D0%BD%D1%88%D0%B5%D1%82%D0%BE%D0%B2%2C%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%BE%D0%B2%20%D0%B2%20%D0%9A%D0%B5%D0%BC%D0%B5%D1%80%D0%BE%D0%B2%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2081473627&gjid=818823715&cid=91804144.1672068573&tid=UA-75006926-1&_gid=148072727.1672068573&_r=1&_slc=1&z=765007807 Requested by Host: cache.betweendigital.com URL: https://cache.betweendigital.com/code/async_rtb.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://incom-service42.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 26 Dec 2022 15:29:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://incom-service42.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	bidswitch921.gif us.ck-ie.com/ Frame 757D Redirect Chain https://x.bidswitch.net/sync?dsp_id=429&user_id=4f58f554-3780-5268-b3eb-571cd042eac7&expires=60 https://us.ck-ie.com/bidswitch921.gif?puid=48a997aa-7a39-4372-b387-b313a6da19a2&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA}	0 129 B	286ms 96ms	Image text/plain	8.2.108.175 NATCOWEB
General Check archive.org Show headers Download Go to Show image Full URL https://us.ck-ie.com/bidswitch921.gif?puid=48a997aa-7a39-4372-b387-b313a6da19a2&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA} Requested by Host: ads.betweendigital.com URL: https://ads.betweendigital.com/adi?frl=0&pos=btf&tz=0&fl=0&ord=2634987464605223&rr=direct&foc=1&r_seq=0&tld=aW5jb20tc2VydmljZTQyLnJ1&tagType=adi&w=240&h=400&s=93589&jst=ai&crf=1 Protocol HTTP/1.1 Server 8.2.108.175 , United States, ASN46636 (NATCOWEB, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cache.betweendigital.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Mon, 26 Dec 2022 15:29:33 GMT Server nginx Connection keep-alive Content-Type text/plain Redirect headers location //us.ck-ie.com/bidswitch921.gif?puid=48a997aa-7a39-4372-b387-b313a6da19a2&gdpr=&gdpr_consent=&us_privacy=&coppa=${COPPA} date Mon, 26 Dec 2022 15:29:33 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	204	/ onetag-sys.com/usync/ Frame 1644	0 0	81ms 23ms	Document text/plain	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=5d1628750185ace Requested by Host: cache.betweendigital.com URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4f58f554-3780-5268-b3eb-571cd042eac7&CACHEBUSTER=807065 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://cache.betweendigital.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store strict-transport-security max-age=15552000
GET H2	200	view ads.betweendigital.com/	68 B 159 B	30ms 30ms	Image image/png	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/view?context=AAAAAKulojNhdgACdwA0A9VTT2vUQBRPXsNSSqlSxKMEkdCCyU6SSTaxhNpWsNg__qsWvCyTZNKdbpqsSdpte6o3vYgfYa9-AEXrZxDXm0fx5EXoQfDqZLvbLqWCR33JvJn33ryZ937vDSxGuOb6uq6rxDVsFbvEVl3LNlWrhi0LG7YRugT0d78-Ho4_f_nj6DUZ3WG0LQiAG0XRym9UqywJ0i01p9kOCyg2tGwb7D_bqnDZrGnY0VysmTZ8F1fSfRbHpGppSJ5aZ0mYtnN5dU3WkYZmZK6w8Yy8a-Npea7Viuk69ZdYUbX4IaYtTy0trq0sX5dj1qTybRo002l5oZGlW7SqI0dDmmVarqYbWH5IIpKxvh-MmYblOoOpYiC-dk3LceHrCHQqIIAEAIs4spyIw6CaNQeplmE7qm9Sn4OjByHCBiVB7S93XTsHJgEmM7pTzxskowAIynuFkkoOko44W13mS26TkhguncIDoMPELZo3i7QFY3eLBs16rnCl-6r7ofume_j5Gefv5cFxAlQW7q1AT4BvMCgQCXPNp0Wb0iRkG6wgscbD5Go2G2Wxh5RWmnt-ESnFPheiUpNmoWfYJnadGraxjSzDMJUs80KW0aBQojTwdCWr5_Qp31zEoUfWrU3fQEVgPN4Lt-LNJ2v395aTO7pSkI21vRb1-G1K2zMwUhoeRkjJvV4tlM288AhTgizydA7NxYjEsU-CJi8OTwPGDLOGOEYA_dFPtJci5-PHnQAV3gonMAzN_w8dzQ5LZ-Pn8sEsvC2faJ_31GIPhZ755hxneJ7rYMhbLHf8A6-xIwlnAimj60iVB4_mzyIBV9MkZgmts1a9keYFSzZAgPNLOhpv7-q9RH-ODHAUJ3ib7fImq3QmxIMX-33fTxfK_5gmh2CGL9JxT4m8w8RTw-kzPQlM4p8oDJN0Ur2B_jc=&jsp=rsize%3D240x400%26tld%3DaW5jb20tc2VydmljZTQyLnJ1%26utbo%3D-00%3A00%26fstc%3D-1 Requested by Host: incom-service42.ru URL: https://incom-service42.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://incom-service42.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/74/9321e6660e11e3ac04a446f3284aaa/-/logo%20_new2.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/40/08fc4a22ae11e49907fe04c55aa83f/-/thumbl_600x220.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/f5/c462787acc11e5ab359a0e701908a7/-/remont_noutbukov.png

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/fd/042cee7acc11e5b8cffb00484fb2b2/-/remont_kompjuterov.png

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/00/7363ae7acd11e59e61fc20b0ec0297/-/i.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/03/03bfce7acd11e5bc94d8896018b83f/-/1.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/0c/6710667acd11e5ad92c5d82f4c375c/-/fon21a.png

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/f2/db496e7acc11e58a6193a64c673ff9/-/remont_noutbukov%20%281%29.png

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/01/dda0b479ee11e4a3e79bcdb598dda0/-/logo.png

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/70/c600247ac011e58d76d21a0ed3320f/-/%D0%B0%D0%BA%D0%B1.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/71/56983c7ac011e5b03ab6d0cee831ed/-/%D0%BA%D0%BB%D0%B0%D0%B2%D0%B8%D0%B0%D1%82%D1%83%D1%80%D0%B0.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/72/3109727ac011e59022b0a42b98462b/-/%D1%88%D0%B0%D1%80%D0%BD%D0%B8%D1%80%D1%8B.%D0%BF%D0%B5%D1%82%D0%BB%D0%B8.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/71/fd63387ac011e5a5748aa9bc1de1b2/-/%D1%80%D0%B0%D0%B7%D1%8A%D0%B5%D0%BC%D1%8B.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/71/ca290a7ac011e59ca2b6e555e069ec/-/%D0%BC%D0%B0%D1%82%D1%80%D0%B8%D1%86%D0%B0.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/71/95dcea7ac011e5ab90ce14dc028b0f/-/%D0%BA%D1%83%D0%BB%D0%B5%D1%80.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/71/179e707ac011e5aa3ec2227014b0b8/-/%D0%B1%D0%BF.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/d2/7203ec7ac311e59c8f97ad0b738920/-/%D1%81%D0%B5%D0%BD%D1%81%D0%BE%D1%80%D1%8B.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/72/6acbbc7ac011e5896fb68f55179b3f/-/%D1%88%D0%BB%D0%B5%D0%B9%D1%84%D1%8B%20%D0%BC%D0%B0%D1%82%D1%80%D0%B8%D1%86.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/49/c1a769d71a6d5389f859c838d26b81/-/logo%20_new2.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/80/e3ed9871cf3d2a91571c735396e605/-/ima454ges.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/ea/ee9c9c4a0f72498d5426bd90cc3649/-/ima3434ges.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/5c/a69175530af54c01fe5e980ae794f6/-/im455ages.jpg

Domain

i.incom-service42.ru

URL

https://i.incom-service42.ru/u/pic/f0/b117ee82361fbc9387499191b69c9e.png

Domain

www.setlinks.ru

URL

https://www.setlinks.ru/?pid=79565

Domain

copylancer.ru

URL

https://copylancer.ru/part/setup

Domain

www.changemoney.me

URL

https://www.changemoney.me/partner.asp?pid=8182

Domain

minergate.com

URL

https://minergate.com/a/e70735b52652e98279ef16d9

Domain

mc.asdasdasdasdasd.ru

URL

https://mc.asdasdasdasdasd.ru/metrika/watch.js

Domain

web.archive.org

URL

https://web.archive.org/web/20190109063032im_/http://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0aEwA.ttf