urlscan.io logo urlscan.io
SecurityTrails logo

premiuminter.forum2x2.ru Open in urlscan Pro
178.33.44.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clck.ru/KtYhq
Effective URL: https://premiuminter.forum2x2.ru/forum
Submission: On July 14 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 8 countries across 36 domains to perform 107 HTTP transactions. The main IP is 178.33.44.177, located in France and belongs to OVH, FR. The main domain is premiuminter.forum2x2.ru.
TLS certificate: Issued by R3 on May 23rd 2021. Valid for: 3 months.
This is the only time premiuminter.forum2x2.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
3 178.33.44.177 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 212.129.3.112 12876 (Online SAS)
3 2a02:2638::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.57 33438 (HIGHWINDS2)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.13.44 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 87.98.153.73 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
5 54.76.164.24 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 5.135.94.16 16276 (OVH)
6 2600:9000:219... 16509 (AMAZON-02)
1 178.32.120.35 16276 (OVH)
2 37.187.190.91 16276 (OVH)
2 44.226.88.17 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a04:4e42:3::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 130.211.31.231 15169 (GOOGLE)
5 52.36.210.0 16509 (AMAZON-02)
2 4 185.33.221.14 29990 (ASN-APPNEX)
1 52.59.160.25 16509 (AMAZON-02)
1 185.94.180.123 35220 (SPOTX-AMS)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
3 3 172.217.18.98 15169 (GOOGLE)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
4 4 18.197.47.23 16509 (AMAZON-02)
3 6 3.126.56.137 16509 (AMAZON-02)
2 2 76.223.111.131 16509 (AMAZON-02)
2 2 151.101.14.49 54113 (FASTLY)
107 44
1    2a02:6b8::221 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
clck.ru
1    2a02:6b8::232 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
sba.yandex.net
3    178.33.44.177 (France)

ASN16276 (OVH, FR)
premiuminter.forum2x2.ru
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700:3037::ac43:9661 (United States)

ASN13335 (CLOUDFLARENET, US)
illiweb.com
1    2606:4700:20::681a:466 (United States)

ASN13335 (CLOUDFLARENET, US)
cache.consentframework.com
1    212.129.3.112 (France)

ASN12876 (Online SAS, FR)
choices.consentframework.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)
twemoji.maxcdn.com
13    2606:4700:20::681a:e6c (United States)

ASN13335 (CLOUDFLARENET, US)
2img.net
7    2600:9000:2156:8a00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    2606:4700:3033::6815:3fe (United States)

ASN13335 (CLOUDFLARENET, US)
i.servimg.com
1    2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
2    87.98.153.73 (France)

ASN16276 (OVH, FR)
l0w9d0la63.s.ad6media.fr
1    2606:4700:3033::6815:5aab (United States)

ASN13335 (CLOUDFLARENET, US)
connect.topicit.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.avantisvideo.com
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    54.76.164.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
api.viglink.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
9    5.135.94.16 (France)

ASN16276 (OVH, FR)
PTR: ip16.ip-5-135-94.eu
c.ad6media.fr
st3.ad6.fr
6    2600:9000:2190:a800:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
1    178.32.120.35 (France)

ASN16276 (OVH, FR)
PTR: ip35.ip-178-32-120.eu
agi9rsy9yi.s.ad6media.fr
2    37.187.190.91 (France)

ASN16276 (OVH, FR)
PTR: ip91.ip-37-187-190.eu
m.ad6media.fr
2    44.226.88.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
events1.avantisvideo.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    2606:4700:3031::6815:4a69 (United States)

ASN13335 (CLOUDFLARENET, US)
adstune.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:2156:5000:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2606:4700:3037::ac43:bd78 (United States)

ASN13335 (CLOUDFLARENET, US)
superonclick.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
2    130.211.31.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
discovernative.com
5    52.36.210.0 (Boardman, United States)

ASN16509 (AMAZON-02, US)
rtb.avantisvideo.com
4    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
1    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
Apex Domain
Subdomains		 Transfer
21 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events1.avantisvideo.com
rtb.avantisvideo.com
657 KB
13 ad6media.fr
l0w9d0la63.s.ad6media.fr
c.ad6media.fr
agi9rsy9yi.s.ad6media.fr
m.ad6media.fr
155 KB
13 2img.net
2img.net
24 KB
6 yahoo.com
ups.analytics.yahoo.com
5 KB
6 viglink.com
cdn.viglink.com
api.viglink.com
31 KB
5 pubmatic.com
hbopenbid.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
1 KB
5 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
5 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
6 KB
4 adnxs.com
ib.adnxs.com
3 KB
4 superonclick.com
superonclick.com
11 KB
4 illiweb.com
illiweb.com
25 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
1 KB
3 google-analytics.com
www.google-analytics.com
39 KB
3 criteo.net
static.criteo.net
39 KB
3 forum2x2.ru
premiuminter.forum2x2.ru
74 KB
2 everesttech.net
sync-tm.everesttech.net
671 B
2 adsrvr.org
match.adsrvr.org
927 B
2 discovernative.com
discovernative.com
110 B
2 ufpcdn.com
ufpcdn.com
3 KB
2 googlesyndication.com
pagead2.googlesyndication.com
96 KB
2 adstune.com
adstune.com
40 KB
2 taboola.com
cdn.taboola.com
144 KB
2 googletagmanager.com
www.googletagmanager.com
74 KB
2 consentframework.com
cache.consentframework.com
choices.consentframework.com
126 KB
1 spotxchange.com
search.spotxchange.com
1 KB
1 jsdelivr.net
cdn.jsdelivr.net
2 KB
1 geoedge.be
wrappers.geoedge.be
3 KB
1 ad6.fr
st3.ad6.fr
173 B
1 google.de
www.google.de
107 B
1 google.com
www.google.com
107 B
1 topicit.net
connect.topicit.net
2 KB
1 servimg.com
i.servimg.com
2 KB
1 maxcdn.com
twemoji.maxcdn.com
5 KB
1 googleapis.com
ajax.googleapis.com
33 KB
1 yandex.net
sba.yandex.net
296 B
1 clck.ru
clck.ru
366 B
107 36
Domain Requested by
13 2img.net premiuminter.forum2x2.ru
8 c.ad6media.fr l0w9d0la63.s.ad6media.fr
premiuminter.forum2x2.ru
c.ad6media.fr
agi9rsy9yi.s.ad6media.fr
6 ups.analytics.yahoo.com 3 redirects
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
6 cdn.avantisvideo.com premiuminter.forum2x2.ru
cdn.avantisvideo.com
5 rtb.avantisvideo.com cdn.avantisvideo.com
5 api.viglink.com cdn.viglink.com
premiuminter.forum2x2.ru
4 pixel.advertising.com 4 redirects
4 ib.adnxs.com 2 redirects cdn.avantisvideo.com
4 superonclick.com premiuminter.forum2x2.ru
4 illiweb.com premiuminter.forum2x2.ru
3 cm.g.doubleclick.net 3 redirects
3 image8.pubmatic.com 2 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.criteo.net premiuminter.forum2x2.ru
3 premiuminter.forum2x2.ru premiuminter.forum2x2.ru
2 sync-tm.everesttech.net 2 redirects
2 match.adsrvr.org 2 redirects
2 discovernative.com premiuminter.forum2x2.ru
2 ufpcdn.com superonclick.com
2 pagead2.googlesyndication.com premiuminter.forum2x2.ru
2 adstune.com premiuminter.forum2x2.ru
adstune.com
2 bidder.criteo.com static.criteo.net
2 events1.avantisvideo.com cdn.avantisvideo.com
2 m.ad6media.fr premiuminter.forum2x2.ru
2 l0w9d0la63.s.ad6media.fr premiuminter.forum2x2.ru
2 cdn.taboola.com premiuminter.forum2x2.ru
cdn.taboola.com
2 www.googletagmanager.com premiuminter.forum2x2.ru
adstune.com
1 image2.pubmatic.com 1 redirects
1 hbopenbid.pubmatic.com cdn.avantisvideo.com
1 search.spotxchange.com cdn.avantisvideo.com
1 ads.adaptv.advertising.com cdn.avantisvideo.com
1 gum.criteo.com static.criteo.net
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cdn.jsdelivr.net cdn.avantisvideo.com
1 wrappers.geoedge.be cdn.avantisvideo.com
1 st3.ad6.fr premiuminter.forum2x2.ru
1 agi9rsy9yi.s.ad6media.fr premiuminter.forum2x2.ru
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 www.google.de premiuminter.forum2x2.ru
1 www.google.com premiuminter.forum2x2.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 static.avantisvideo.com cdn.avantisvideo.com
1 connect.topicit.net premiuminter.forum2x2.ru
1 cdn.viglink.com premiuminter.forum2x2.ru
1 i.servimg.com premiuminter.forum2x2.ru
1 twemoji.maxcdn.com premiuminter.forum2x2.ru
1 choices.consentframework.com premiuminter.forum2x2.ru
1 cache.consentframework.com premiuminter.forum2x2.ru
1 ajax.googleapis.com premiuminter.forum2x2.ru
1 sba.yandex.net 1 redirects
1 clck.ru 1 redirects
107 52

This site contains links to these domains. Also see Links.

Domain
www.forum2x2.ru
www.google.ru
help.forum2x2.ru
www.ad6media.fr
Subject Issuer Validity Valid
m91.maxns.net
R3		 2021-05-23 -
2021-08-21		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
illiweb.com
Cloudflare Inc ECC CA-3		 2020-08-16 -
2021-08-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-23 -
2022-06-22		 a year crt.sh
choices.consentframework.com
R3		 2021-06-27 -
2021-09-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
twemoji.maxcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-10-09 -
2021-11-09		 a year crt.sh
2img.net
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
*.avantisvideo.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
servimg.com
Cloudflare Inc ECC CA-3		 2020-08-17 -
2021-08-17		 a year crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.s.ad6media.fr
R3		 2021-06-18 -
2021-09-16		 3 months crt.sh
topicit.net
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
content.avantisvideo.com
R3		 2021-05-03 -
2021-08-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
viglink.com
Amazon		 2020-12-13 -
2022-01-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.ad6.fr
R3		 2021-07-02 -
2021-09-30		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.geoedge.be
Amazon		 2021-01-18 -
2022-02-16		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
discovernative.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-04 -
2022-03-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh

This page contains 10 frames:

Primary Page: https://premiuminter.forum2x2.ru/forum
Frame ID: 0D656D12AA39F830654AD1FD4FEB9303
Requests: 74 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 6EFBA716B72EC06BB141B0EF3846C2A7
Requests: 2 HTTP requests in this frame

Frame: https://agi9rsy9yi.s.ad6media.fr/?d=1626279966551&r=
Frame ID: E19FB991C4717F95A87F7511B9C286DE
Requests: 10 HTTP requests in this frame

Frame: https://adstune.com/ap/index.php?lang=ru&dim=728x90
Frame ID: 49065A5CA1297184849660A227854EF6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: A2CF08BE2CFCF2D64079C3175B084783
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 022AE93C002428B4E819583178C4D15A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Frame ID: DB70C256DC4B0E67934178E38AA89D6A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=premiuminter.forum2x2.ru
Frame ID: 4C4A05AC1CB97EDADA9246B896F83D6C
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: AA4E9532788079185A428B2A24B92FC3
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: E3AEDF34CAC9D4599DB917B0530B6E8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clck.ru/KtYhq HTTP 302
    https://sba.yandex.net/redirect?url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&client=clck&sign... HTTP 302
    https://premiuminter.forum2x2.ru/forum Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

107
Requests

100 %
HTTPS

53 %
IPv6

36
Domains

52
Subdomains

44
IPs

8
Countries

1596 kB
Transfer

5069 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clck.ru/KtYhq HTTP 302
    https://sba.yandex.net/redirect?url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&client=clck&sign=c4485055b9a7a42325865123a4962daf HTTP 302
    https://premiuminter.forum2x2.ru/forum Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=7e883195-419e-41fe-b4f8-10fc765a6954 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.avantisvideo.com%2Fapi%2Fv1%2Fusersync%2Fsetuid%2F3%3Fuid%3D%24UID%26suid%3D7e883195-419e-41fe-b4f8-10fc765a6954 HTTP 302
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=252228495801605525&suid=7e883195-419e-41fe-b4f8-10fc765a6954
Request Chain 102
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTY2MjE0REYtMkFDQi00MkNBLTgxOEQtNDk3NzA3ODVBNTEy&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTY2MjE0REYtMkFDQi00MkNBLTgxOEQtNDk3NzA3ODVBNTEy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 103
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzNjI5OTMzOC1lNGMwLTExZWItOGYwZi0wMjU5NWRmZThkMzA%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
Request Chain 104
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1959752a-7603-4c42-a4fe-5314b7f30cce&_origin=1&gdpr=1&gdpr_consent=
Request Chain 105
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true

107 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request forum
premiuminter.forum2x2.ru/
Redirect Chain
  • https://clck.ru/KtYhq
  • https://sba.yandex.net/redirect?url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&client=clck&sign=c4485055b9a7a42325865123a4962daf
  • https://premiuminter.forum2x2.ru/forum
93 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.44.177 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
7822709906185a3e00794cd8266d40fb3f9ba1cddd3a487b68e5bbcb15d8fb51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
premiuminter.forum2x2.ru
:scheme
https
:path
/forum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
pragma
no-cache
expires
Wed, 14 Jul 2021 00:00:00 GMT
last-modified
Wed, 14 Jul 2021 16:26:05 GMT
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
1
access-control-allow-origin
*
content-encoding
gzip

Redirect headers

Content-Length
283
Content-Type
text/html; charset=utf-8
Date
Wed, 14 Jul 2021 16:26:05 GMT
Location
https://premiuminter.forum2x2.ru/forum
Strict-Transport-Security
max-age=3600; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
0-ltr.css
premiuminter.forum2x2.ru/ 		159 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://premiuminter.forum2x2.ru/0-ltr.css
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.44.177 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5eaa1914be2754a54555e04d505439b22288e8460ed6b74117828cd36f2628f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:path
/0-ltr.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
premiuminter.forum2x2.ru
referer
https://premiuminter.forum2x2.ru/forum
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://premiuminter.forum2x2.ru/forum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 00:00:00 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
57834
x-xss-protection
1
x-cache-ma
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 11:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Jul 2022 11:37:00 GMT
ru.js
illiweb.com/rs3/30/frm/lang/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/30/frm/lang/ru.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
555e464dff65a50d53c635588a1664275f917aa3ee03849de3daaf81beaf0483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1134152
cf-polished
origSize=73267
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Tue, 20 Apr 2021 12:25:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fHY4D5RjUoUyonK55JTkmirvhe3i28cycgWGpTT7I192gtEFIk6nMCBbMKQymdlgeZ1Kw5IibxUZrEQrDbl9HXYJa6I3H7RpYdxuvzWgpaD1bj5mPFOau%2B8rpXOcpOrPJKI%2BpJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
MISS
cf-ray
66ec1c5938824dc4-FRA
expires
Fri, 01 Jul 2022 13:23:33 GMT
invision.js
illiweb.com/rs3/30/frm/ 		2 KB
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/30/frm/invision.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1134148
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
HIT
last-modified
Tue, 27 Aug 2019 14:00:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IbEWc9r59ZFAVYNrUTIlqfyoCNk8mjeOMGbijzTgMungkr3wdg1%2F4IDGOfkjUL2aFeCtKez5cfX0V%2FWbRHi0QwSibak506rZkAi9O%2F1TALfZrNhjWbuo1OGhL5%2FdedQ5Mj4FAZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
HIT
cf-ray
66ec1c5938864dc4-FRA
expires
Fri, 01 Jul 2022 13:23:37 GMT
99850.js
premiuminter.forum2x2.ru/ 		62 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://premiuminter.forum2x2.ru/99850.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.33.44.177 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
74d3169e34286a8c8386a74e29aa6955c91090828c2cb4ecd15643b7a968004c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:path
/99850.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
premiuminter.forum2x2.ru
referer
https://premiuminter.forum2x2.ru/forum
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://premiuminter.forum2x2.ru/forum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Jan 1970 00:14:10 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=315360000
content-length
78
x-xss-protection
1
x-cache-ma
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
stub
cache.consentframework.com/js/pa/24697/c/IxWav/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.consentframework.com/js/pa/24697/c/IxWav/stub
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9298971a5bdb7470b87aa2bf89d39c6b13fd2f486d38c87b057b94ce54eb98bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1408
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=E3l88%2Bum388Tt1hE8Y35W77c21O4ygEonI7GSbf56VeCwy9nmjh26YrOERUeww2hDfQZEs9lilfhmBi2J9KDxcVldoWh2gBL6DaN1RzOjHGNBcyrlm6DKzz5NtJH8Km5X5oIXOj0dTWHz89csq7fyJ5fKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-ray
66ec1c593928324c-FRA
cmp
choices.consentframework.com/js/pa/24697/c/IxWav/ 		437 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
nginx/1.11.3 /
Resource Hash
095184d0e56ceefc7e5b2a64d7f7af54a3d195f3f5b4eb4db5279e7ef0563077
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
cache-control
private, max-age=3600
server
nginx/1.11.3
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
gzip
last-modified
Wed, 02 Jun 2021 14:10:01 GMT
server
nginx
etag
W/"60b79139-1d469"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 15 Jul 2021 16:26:05 GMT
js
www.googletagmanager.com/gtag/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3771583adc6d098b0dc9eb3aae804229f87a92b751a3c6b9d2840f3710c096a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37896
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Jul 2021 16:26:05 GMT
jquery.cookie.js
illiweb.com/rs3/30/frm/jquery/cookie/ 		1011 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/30/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1134158
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
MISS
last-modified
Wed, 09 Sep 2020 09:40:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NoW9C0hXyLjfwJaj%2BUbXehnnt7omOiZvsEQwtGNFOBXI4VTdW4PIwqS0VfGGqfR7G8cgfJ%2B9Do491kYhsQPOZ8EG2GxDbX5FYjv3%2F2CwedeN4f39xIpFccNWZhJUDnHHzp9JUIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
MISS
cf-ray
66ec1c5938884dc4-FRA
expires
Fri, 01 Jul 2022 13:23:27 GMT
FAToolbar.js
illiweb.com/rs3/30/frm/jquery/toolbar/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://illiweb.com/rs3/30/frm/jquery/toolbar/FAToolbar.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9661 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff8044afebdbbbbb5a559611b54329cb4a5b0b63e5eaff1316eda2863092780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1134157
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-ne
HIT
last-modified
Wed, 05 May 2021 12:01:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G%2BW7C23Hfs701Esv6%2BKDkMTYDis7lslSBieVyq1P%2BbzyLosgExoIIlW153wBgE2oM66dpfEMO2PBemdkxKbUfl3vFDwKW96gtZZxLqbmKzVpc2vDBwejS7ytsqqd%2FFINA%2BQRaj4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache-pr
HIT
cf-ray
66ec1c59388b4dc4-FRA
expires
Fri, 01 Jul 2022 13:23:28 GMT
twemoji.min.js
twemoji.maxcdn.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twemoji.maxcdn.com/twemoji.min.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
2ba0a7eb0c3949abcebe09d2af043e83c72938c2
date
Wed, 14 Jul 2021 16:26:05 GMT
content-encoding
gzip
x-cache
HIT
powered-by
MaxCDN
last-modified
Tue, 01 Jun 2021 07:52:48 GMT
server
NetDNA-cache/2.2
x-github-request-id
4212:5052:56EC4F:5FD130:60EDE4E8
etag
W/"60b5e750-3bc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
permissions-policy
interest-cohort=()
x-origin-cache
HIT
x-proxy-cache
MISS
expires
Fri, 13 Aug 2021 16:26:05 GMT
empty.gif
2img.net/i/fa/ 		42 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/empty.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9833103
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
42
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=h6LS%2FaOfjPhqhSuV6BhMx%2FAVXYr5h2tV%2BtaBBbDwrAK6iMA6K6IkV293MhSJ8H1a8HDnI264wLqtdbG%2BVTx8%2F%2BBY8PgRQ%2BBDqDfhhCLE706IQnKv82CeUztVE39GmvxtsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5a4aa205f5-FRA
cf-bgj
imgq:100,h2pri
empty.gif
2img.net/i/ 		43 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/empty.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9833103
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
last-modified
Mon, 09 May 2016 08:45:50 GMT
server
cloudflare
etag
"57304e3e-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1fygPWUVXAF0rZerjUv8iY9z3eJJEYkuOR15RraqNlGHTx2HLYmZZHeODiPtv6EAoAPm%2BLPupiBRTbYKfKfPawiDBcM7fZqSeZjC6l34gw6hz5seywMuredhSZj6%2Fy8gfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5aacf3c27c-FRA
cf-bgj
imgq:100,h2pri
video-loader.js
cdn.avantisvideo.com/avm/js/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 09:58:31 GMT
server
AmazonS3
age
85337
etag
W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date
Tue, 13 Jul 2021 16:43:49 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Fn-TnhJHclIoY301maSU4YG59EccpAWrEfxmXKGr8tRDDIR5UtVFPQ==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5706
date
Wed, 14 Jul 2021 14:50:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Wed, 14 Jul 2021 16:50:59 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-ru/ 		240 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24f6ddc749018d2178bf7f90019d9de40abde12a1b6bd329aa63bfef6061aaca

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1xAc3xl4o1vEnIZeBU3ZIn3kVo9hFN8Y
content-encoding
gzip
etag
"767b80dfee8323d9d3c5bb403b9aa93a"
age
22456
x-cache
HIT
content-length
26647
x-amz-id-2
4uADcZMhHCp2+4Xiz4EuDfNdRkaKPbeughIi0LHjuKw0xFLs6BwwaZTYbQSWhtUf4LrHbokucnI=
x-served-by
cache-fra19123-FRA
last-modified
Wed, 14 Jul 2021 10:11:35 GMT
server
AmazonS3
x-timer
S1626279966.932549,VS0,VE0
date
Wed, 14 Jul 2021 16:26:05 GMT
vary
Accept-Encoding
x-amz-request-id
2HTZMCZD77EBV2ZB
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
68
x-cache-hits
11
f9847f10.png
i.servimg.com/u/f36/19/09/71/12/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.servimg.com/u/f36/19/09/71/12/f9847f10.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ec113672b35cc4ba6f7176e42c212b0aba50f0c333d6e33e7a8eca8b8dcb94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5962308
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1066
x-xss-protection
1; mode=block
expires
Fri, 06 May 2022 16:14:17 GMT
last-modified
Sat, 11 Jan 2020 09:57:32 GMT
server
cloudflare
etag
"5e199c0c-42a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=p0e7NDGqSJFHWcqOXi0MpejWjt6ZRzCDdsvQ2jkcCEwGjuso8Nvw8k8STpBb3wG7V4eC1dGuFE5hctnw%2FTGvWMwLEAPp1mK1nxVN%2BgD88kzuN5OyIDiu88FzHURBk5MWtQt%2BWKr03A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
66ec1c5b0e38d6e5-FRA
cf-bgj
h2pri,csam-hash
pixel.gif
static.criteo.net/images/ 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 09 Jul 2022 16:26:05 GMT
pixel.gif
static.criteo.net/images/ 		43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 09 Jul 2022 16:26:05 GMT
nav.gif
2img.net/i/fa/invision/ 		158 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/nav.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7362301
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
158
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gEoc2zNaWb25dMqHbB2VvW%2Bnl7tRP6OsaWrXGTLKoimGFKiYc%2Bsy8jmOPPYDPyvdDyweJrrPDNtMasO4SX727I4g2wsbfkfEqXdiIKnhZqHg59frBUwjIarWDt2l87Iz1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b0d9bc27c-FRA
cf-bgj
imgq:100,h2pri
exp_minus.gif
2img.net/i/fa/invision/ 		51 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/exp_minus.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d58ecf69035b4a041d10538b72c2f161068a8c3208ac91dc3b5444cc788ceef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7362301
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
51
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yAUBOgbqa%2BqeoEYE0gb%2BAe9WTzoeLoxJzgypsb75uII0o8O4kkTBuH0IH0MUHsNcBY57c4Jf0yLJ8%2BfoaN8jZSm6a3K1jMZrfUgV1Jta5XKcvFz24pHy%2F83J4cHSybAXVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b0d9cc27c-FRA
cf-bgj
imgq:100,h2pri
bf_nonew.gif
2img.net/i/fa/invision/ 		347 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/bf_nonew.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c316519db1cac5a1e26569c13777a8f1177fdb2d0f732e9af3e214efdac975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203594
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
347
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-15b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3iWbzFZARPFNPWO%2F%2BLFM%2ByJvuKPlkGMC3Tm5qyI2CEIHF7bl8wq%2B5vw3S76QhNOYSHk%2BDnpcnOhW65iGcazfj6TXSDr0AatUIx2r%2BL9bIjQekeGrSH9IhbubgOlJE21%2BeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b2dfdc27c-FRA
cf-bgj
imgq:100,h2pri
lastpost.gif
2img.net/i/fa/invision/ 		53 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/lastpost.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7125090
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
53
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bVfB5YhAIodEWjWMCF72lFnq5FMfNLsKAZqPwkZr8Q4yET1m9cBsXrtfqTK6daGcvB%2F9rC2TowskDMaYURBxajheKty4rtpYG7JutD4H%2Ff98Qn%2FSDh7pBylhdEA7QH8trQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b2e00c27c-FRA
cf-bgj
imgq:100,h2pri
user.gif
2img.net/i/fa/invision/ 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/user.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee42844f6e6c978ca10465fc9a5f4c61631caf8d37d81a8aa6468b8cf0153e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203593
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
785
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-311"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gAK%2FqRt%2FYV5svZePu3FMZhZFByQGDAWjKPVusg9sCOVin7FD9eHV9nTGtyeWnahL6bfP8Q9kLoJn7pdM%2BFdaRw%2Bg3f2uMcjXvWlHtzK3w6H8w%2FXmDyyGjJcVEKjii7khWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b3e14c27c-FRA
cf-bgj
imgq:100,h2pri
calen.gif
2img.net/i/fa/invision/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/calen.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989f8331f21edcea690ea3a05d646abae9688ae75e61b2a5379f98cccb84dd5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203593
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
743
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 10:59:25 GMT
server
cloudflare
etag
"5739a80d-2e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c4DSqZ5z7HH8zGPXSnCrWN6vHNBCoTWakMwhrMnHH9hOqoKi%2FAQxxuNZzjGHE%2Bz55Z0y%2FQX5oyvni89erhtmNwBalfMpsuadmTWYQPs3KOALVmCCC7twwhI0Mi9qJWmzoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b3e17c27c-FRA
cf-bgj
imgq:100,h2pri
stats.gif
2img.net/i/fa/invision/ 		768 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/stats.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cdaa0db2e3c35fdca1e81ab6e540e5408531266d2cb1f39f77b336b6d8c64a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203593
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
768
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GyfUQ2iaVBav2osiUS7J%2FZy2SEC0UQyv%2F4YJU0Ss%2FdfWGplfE62tf6GkPCFlTRdP3whByC9T1mHP7%2FZrCztFvJBUa4fHqWA6XIY3f432%2FfEKScxMDkR9%2FPqeqzRJ7V%2FKrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b3e1ac27c-FRA
cf-bgj
imgq:100,h2pri
bf_new.gif
2img.net/i/fa/invision/ 		347 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/bf_new.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655edd3c630302bcaf2690418226595dee314ed8ecf6747d7ef9a3e012e116a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203593
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
347
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-15b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tN3ey2glbvRTME5ZmvzPfIjbqwQ%2F57rkkOuULqMNcGmEFrZ%2FBRhgazlDZluYTTWY%2BUPUwjiHULwP%2BxCSEDOH5XpvcmeTbiZ6HllBLuCakTPDwVIYojYhHskAtZPzKdZaTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b3e1cc27c-FRA
cf-bgj
imgq:100,h2pri
bf_locked.gif
2img.net/i/fa/invision/ 		437 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/invision/bf_locked.gif
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d8555ff90122f749911d02b87f5006d576441e0b674a61ac202bbef74db7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7203593
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
437
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-1b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FGrs%2Bsk8HtPbigcYzU6mPsUk%2B8Wu%2FmCZJqDLdUR9MDWF12TM5%2FBOc0tOhVhYufrA%2BUMUgNrYV3HgubuHjOQOq4aewYoMTeUap0YqDApeUT5NQYIiovI78g%2BI7OGpRf1HwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5b3e1dc27c-FRA
cf-bgj
imgq:100,h2pri
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2243259
cf-ray
66ec1c5c7e022c2e-FRA
content-length
28567
x-amz-id-2
whnB+vg77noK5lQe7otGVePS9AitQ9hdwAgqmMuhEkkavWDzrHBL8QzrbPGAeVvg3QNIIasAhP0=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
32GRTD1DKPEMMRGQ
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 21 Jul 2021 16:26:06 GMT
/
l0w9d0la63.s.ad6media.fr/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l0w9d0la63.s.ad6media.fr/?d=1626279966113&r=
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ffc299146efe41999da12f0c6e83704de93fd3a874df3fbe9c6c1d95aa17c342

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:06 GMT
Content-Type
application/javascript
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Report-To
{ "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
P3P
policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
toolbar.png
2img.net/i/fa/i/toolbar/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/i/toolbar/toolbar.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be829da434dbe7a5719faeb28277229a36314202fb4553b4e87b12298100a133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9830489
cf-polished
origSize=11066
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10894
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 08:34:44 GMT
server
cloudflare
etag
"57398624-2b3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=olRUQ7YqkHtB1iod3CXqitvDAQFUgMUoYpOxbITZzKjGocone9qIbyjEhXG2IUKZZiWMxYviqC%2FIRZuNrb5bGPuJmXIWkPdM%2FQNZdwny6UeRBTUH6Y06HAykygpGLaunQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5c385fc27c-FRA
cf-bgj
imgq:100,h2pri
pa0.png
2img.net/i/fa/i/toolbar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2img.net/i/fa/i/toolbar/pa0.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/0-ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9ec80f2c1316c1d793007aa535ad6f381cce1ed7446881a768b9baee45972b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7841250
cf-polished
origSize=1087
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1084
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 08:34:43 GMT
server
cloudflare
etag
"57398623-43f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=157CbgcvBasNLfilmwdzOs1P8A9gUiypf%2FEheb%2FdQ0%2BEdiguWzSRVVTGII9DPjYxFiVc1%2F8jEp8WEbbqhmimNt2QrSaZD%2FJyPJmJakk%2FrhVAyGKFByhkgLHIt%2BQlb0yPFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
66ec1c5c3860c27c-FRA
cf-bgj
imgq:100,h2pri
connect.js
connect.topicit.net/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.topicit.net/scripts/connect.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3970
cf-polished
origSize=5437
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 27 Aug 2019 14:04:48 GMT
server
cloudflare
etag
W/"5d653880-153d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A059HTRvg7TdBZny091x%2F1p6Mw9%2BgS5%2BEZHJunjdpJyj4OsVm6HvvchO2qb%2B8bckRFaglsewB8ZKticHaV2qCBAukilb9staQg3FSSXq%2FHdlpDyr2ZqXm7ffskbPWgWD7CfHf%2B0nHycfnXnF3r%2FYLAhT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
66ec1c5c9e29c2ea-FRA
cf-bgj
minify
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=944605924&t=pageview&_s=1&dl=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&ul=en-us&de=UTF-8&dt=Premium%20Partnerid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1815740724&gjid=1973446979&cid=249002537.1626279966&tid=UA-144347007-1&_gid=1149361358.1626279966&_r=1&gtm=2ou7c0&z=629205218
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 16:26:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://premiuminter.forum2x2.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
abc.txt
static.avantisvideo.com/data/ 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
976ff06837c09e3eeabb7a7acef667f9699e5f05026a149e16f014699f85595e

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 14 Jul 2021 16:26:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 09:06:49 GMT
Server
AmazonS3
x-amz-request-id
BMT4S1AYK8ZN71ET
ETag
"e0857ef0ff6f1b62cf2cfac066e6a0b3"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
5402
x-amz-id-2
l559lyqSgS13sJpm8ozAgTLq/O9ZPHFVQtuO2JCtut6u1E5xvNbb8geqHa31KPYGEtzn8SZrQUE=
impl.20210714-8-RELEASE.js
cdn.taboola.com/libtrc/ 		530 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210714-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5559e0bc6f82e615d9a4a6c8748180334eb8efa2171a6e8d7d00d027117e491f

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6Bo7EsH3yVc0J8Bprhc1ZQ5h3._l4HpJ
content-encoding
br
etag
"ffe57679a275479151e02bce56a16b0c"
age
23592
x-cache
HIT
content-length
120412
x-amz-id-2
Ehp1Sg5oAIfBslQg1ZygJg64IBDkm6L1DGR6TRnhFRw3JtVBlPiW+HSx/dYxHqUv2J73JsG/szM=
x-served-by
cache-fra19123-FRA
last-modified
Wed, 14 Jul 2021 09:52:28 GMT
server
AmazonS3-br
x-timer
S1626279966.255027,VS0,VE0
date
Wed, 14 Jul 2021 16:26:06 GMT
vary
Accept-Encoding
x-amz-request-id
EFNV9XG9MFAMR748
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
2
x-cache-hits
112416
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-144347007-1&cid=249002537.1626279966&jid=1815740724&gjid=1973446979&_gid=1149361358.1626279966&_u=YEBAAUAAAAAAAC~&z=862254422
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 14 Jul 2021 16:26:06 GMT
content-type
text/plain
access-control-allow-origin
https://premiuminter.forum2x2.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.viglink.com/api/ 		260 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
19091bd1f0f66c95e2e65cc731be966150ce0a5d6c2031114f1c6e26a05d1c16

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
260
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-144347007-1&cid=249002537.1626279966&jid=1815740724&_u=YEBAAUAAAAAAAC~&z=365987494
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 16:26:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-144347007-1&cid=249002537.1626279966&jid=1815740724&_u=YEBAAUAAAAAAAC~&z=365987494
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jul 2021 16:26:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 6EFB 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method
GET
:authority
cdn1.avantisvideo.com
:scheme
https
:path
/connect/u_d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

content-type
text/html
date
Tue, 13 Jul 2021 18:57:36 GMT
last-modified
Tue, 30 Mar 2021 10:01:49 GMT
etag
W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ur44YhqqE1pPqLFdGZVRuMa7PNuvms2KF-YB4aIpI28gtARDdrFKGg==
age
77311
si.js
c.ad6media.fr/ 		38 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/si.js?13
Requested by
Host: l0w9d0la63.s.ad6media.fr
URL: https://l0w9d0la63.s.ad6media.fr/?d=1626279966113&r=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
893910ccaf34f7f66134f7b38b0d0927514476d355fc39174dda0f215abd6132

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 08:55:58 GMT
server
nginx
etag
W/"6062e79e-9821"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:06 GMT
f.js
c.ad6media.fr/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/f.js?1
Requested by
Host: l0w9d0la63.s.ad6media.fr
URL: https://l0w9d0la63.s.ad6media.fr/?d=1626279966113&r=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
3175aac9018fff52f29cf7b218ed499a04a41f6f1b27685290310e9d3bfa7797

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 08:55:58 GMT
server
nginx
etag
W/"6062e79e-1874"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:06 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 6EFB 		125 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5dc06f55ccdbe6d8c227da35d86a7c77d7227cbd4a55258c978c5f47620b17ad
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
125
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Wed, 14 Jul 2021 16:26:06 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
Dkdx6_OKDRauxt_esx5oqwNnNlOl8rEwYhI4UZOgWu4O9VDCvMPt6w==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
YaiBjTwKoUx1j_u3agE6XulBCYX71f4vOfR9uAFroNIqrTqFtFsCTw==
sync.js
api.viglink.com/api/ 		43 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/sync.js?key=9019de09e2fbd24ca1be00a9fededd9e
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/ 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.viglink.com/api/sync.gif?key=9019de09e2fbd24ca1be00a9fededd9e
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/ 		41 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
91647d0a630b7c5a0b1d623de7d7cfd8af69c0effa7dc8400c5d92e70dea6395

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:05 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
i.png
c.ad6media.fr/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ad6media.fr/i.png
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
1292fa56b518ff6cf0a3e33554d22550bfe89de66ecd2c58609152291191f24a

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
last-modified
Wed, 12 Jun 2013 10:53:18 GMT
server
nginx
etag
"51b8531e-225f"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
8799
expires
Sat, 24 Jul 2021 16:26:06 GMT
/
agi9rsy9yi.s.ad6media.fr/ Frame E19F 		83 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://agi9rsy9yi.s.ad6media.fr/?d=1626279966551&r=
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.32.120.35 , France, ASN16276 (OVH, FR),
Reverse DNS
ip35.ip-178-32-120.eu
Software
nginx /
Resource Hash
b2de42b04591788419826ccad9aa24ffc7b6bdd9666a9dc932c955286c960b74

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
p3p
policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
server
nginx
timing-allow-origin
*
report-to
{ "url": "https://report.s.ad6media.fr/reports", "max_age": 10886400, "include_subdomains":true }
content-type
application/javascript
ver.js
c.ad6media.fr/ Frame E19F 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/ver.js?10
Requested by
Host: c.ad6media.fr
URL: https://c.ad6media.fr/si.js?13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
93514b8b494c8435c97059bba7c58950a3158c4a098ae2a1324a93a21697da6f

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 08:55:58 GMT
server
nginx
etag
W/"6062e79e-2fb7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:06 GMT
0
m.ad6media.fr/sa/29580/si/405243/ Frame E19F 		43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.ad6media.fr/sa/29580/si/405243/0
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.190.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-37-187-190.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:06 GMT
Cache-Control
max-age=60
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Wed, 14 Jul 2021 16:27:06 GMT
slidein
l0w9d0la63.s.ad6media.fr/bv/16299763/2107141826063122110681042992/3893/e9b21175d8b632684aeaf4746062e640/0/0/ Frame E19F 		43 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l0w9d0la63.s.ad6media.fr/bv/16299763/2107141826063122110681042992/3893/e9b21175d8b632684aeaf4746062e640/0/0/slidein
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:06 GMT
Cache-Control
no-cache, must-revalidate
Content-Type
image/gif
Server
nginx
P3P
policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
vl-av-p-n-cr.js
cdn.avantisvideo.com/js/ 		128 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=f4ae7e78-7270-4715-b468-988c541b35d8&tagId=1&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dde7ec4767e8df84f606eb034d1a34c53de71b2055a0ce8412b25c8c2a8ae617

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jCdy6mNEzL59ecD53S2HiiEFhl9ObTSq
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 07:01:21 GMT
server
AmazonS3
age
81382
etag
W/"1d3e438ae45fa5453da54e9b9653cf9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date
Tue, 13 Jul 2021 17:49:45 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wsmLzTNiDofdE91LPMUkO2v7GVgfrfmV2eiVtFmuHr_csvE62lSbEw==
chk.php
st3.ad6.fr/ Frame E19F 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st3.ad6.fr/chk.php?sk=l0w9d0la63&id=16299763&fo=slidein&na=Chrome%2089.0.4389.72&d=1626279966737&if=1&r=&c=1&i=1600x1200|1600|1200|1600|1200|1600|2378|0|0|43|-120|en-US&to=1&ifs=1&st=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum|https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&ti=Premium%20Partnerid&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&wo=
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
cache-control
max-age=2592000
content-type
text/html; charset=UTF-8
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Fri, 13 Aug 2021 16:26:07 GMT
generate
avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/23/desktop/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/23/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&eu=true&country=DE&hour=18
Protocol
H2
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://premiuminter.forum2x2.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
TXPj8xyCIxqXmj1hMtG_5I9XjWw8Qj_l-OuZt27Ep2SnbscmXDiPnA==
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.226.88.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
generate
avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/23/desktop/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/f4ae7e78-7270-4715-b468-988c541b35d8/23/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&eu=true&country=DE&hour=18
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5d26487fa1ff0ae4d9877fac5cf23809f49fd677adf1819bb054d8fed0499167
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 16:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://premiuminter.forum2x2.ru
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
HAEBhzN4qVCGCyNZ-dFQbJ7RxjH7jrTWyNysJL2x5MMOxBJPMnA6NQ==
cdb
bidder.criteo.com/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=109&profileId=206&cb=25623790931
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://premiuminter.forum2x2.ru
date
Wed, 14 Jul 2021 16:26:06 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
0.vl-av-p-n-cr.js
cdn.avantisvideo.com/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/0.vl-av-p-n-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf85d36e3a410290e3b7287a442c5ea8c095b8e04b547b974054a2aa357ea598

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 19:53:36 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 07:01:21 GMT
server
AmazonS3
age
73952
etag
W/"5d5cac9d8c44e9db281da0c2884f9935"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uiy0MT5dQqQJy8Q6IMFWIGe6Kz7vJt0I
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
xk8Ty46apnnQKM31SRlUdrD4O1VH4cfcTe18Zd5suyGWBmtodf5RoA==
prebid.js
cdn.avantisvideo.com/js/ 		2 MB
532 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/prebid.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82d61770620919ae319f505d190204866c54bb534ebf012ca394b27d5c3a4bd8

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rckeqwsNm_GL2zHTSp6CWQxLF3J6y7BD
content-encoding
gzip
last-modified
Thu, 20 May 2021 09:38:42 GMT
server
AmazonS3
age
708
etag
W/"2c3a49f985144a053dccaadef2043180"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date
Wed, 14 Jul 2021 16:14:42 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vyzRvuYTkT0gX_6iJREOr6awZh6x5rigiP3k1mMtvLIbmKMXknUV0A==
2.vl-av-p-n-cr.js
cdn.avantisvideo.com/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/2.vl-av-p-n-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4fa2d9818f41b7afe30a6ce559354c6517eb24df4103fc14754d14996deacf7

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 19:01:24 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 07:01:21 GMT
server
AmazonS3
age
77083
etag
W/"16cb604142ce5916175f47315a87f20f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
ZrFp632BSJ80tAyBiCa82pFPuucP1sfu
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
OvfOnhzvEKssFtS6tz2iG3zEIxL7A8Bbliz7-vAzFszJfwXLkF2raw==
jw-panKa7aU_8_19.1.js
cdn.avantisvideo.com/js/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/jw-panKa7aU_8_19.1.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0670e48bab6c1bfb0f365a1ee849d082fb3cfd69ac3c3fd6dbd7be8a14428b12

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BP7yGUygqILt29JFHO.gcSXqOBnJWYAf
content-encoding
gzip
last-modified
Wed, 23 Jun 2021 11:53:29 GMT
server
AmazonS3
age
72447
etag
W/"541402557e95972f1f286acea0ab2dbd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date
Tue, 13 Jul 2021 20:26:57 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
u5_sLz-nbtIYQCxmx-g9z5zp9a4vb1_WqFu7EJ28jdvCCQ79D__MkQ==
index.php
adstune.com/ap/ Frame 4906 		966 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adstune.com/ap/index.php?lang=ru&dim=728x90
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e5b3f77ffe5a6a56d481a0ff76664c335f2913a6072b02fafb7f00a6322d47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adstune.com
:scheme
https
:path
/ap/index.php?lang=ru&dim=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-cache-ne
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=166f559878381aedeec852071d6db25342828266-1626279967-1800-AXNQsbGhrLgdZG6QKGcr+vr4dribDGRCbnHQUY2tDyx69kj0Vjkyw6+LJ56GUh3ABvUG8nkN5Nif9ZHTFP2Zclw=; path=/; expires=Wed, 14-Jul-21 16:56:07 GMT; domain=.adstune.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a1pFaBs8Hvv5wnI%2BOx04rdm2kn59JRgucWuOHQsNK3BMHIhjPe5w9MZoBtHODvp4rwI8UmOP61z8C6DqW0n1RbuG9Ds1BojvUfV7izHeVklElqUVCrImAeU%2Fzu7E7BVOUHcHgwk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ec1c6339854e5b-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A2CF 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d557ac01f6bfe50ee326ee5f2d49f424ec776af5da5abb4231083ab4a772feb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48558
x-xss-protection
0
server
cafe
etag
17065370731229648185
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Jul 2021 16:26:07 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 022A 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad10571351e34e54e5f7edab342656a89998c66fb0ff2cf44b44094f8ccbaadf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48566
x-xss-protection
0
server
cafe
etag
1591233459801440635
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 14 Jul 2021 16:26:07 GMT
events
bidder.criteo.com/csm/ 		0
197 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://premiuminter.forum2x2.ru
date
Wed, 14 Jul 2021 16:26:06 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
age
32290
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
date
Wed, 14 Jul 2021 07:28:02 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3121
x-amz-cf-id
WmtUWtZ2ja-eFo9FYVMTrWXrUdVbTjY_KOLLvXSOPN6kc8q5au-mlA==
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
32786
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1386
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
x-served-by
cache-fra19157-FRA
date
Wed, 14 Jul 2021 16:26:07 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
domains
api.viglink.com/api/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
54ed6287bac13196ac6ef3154d4c9457e36bc5d070aee80e0177f4d6921cffb0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nf.js
c.ad6media.fr/nf/ Frame E19F 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/nf/nf.js?255
Requested by
Host: agi9rsy9yi.s.ad6media.fr
URL: https://agi9rsy9yi.s.ad6media.fr/?d=1626279966551&r=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
c25a1f77ca8204c8e125f5a54c187d03889cc3d8d335ae6198b64a369669cb06

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:18:00 GMT
server
nginx
etag
W/"60dc60f8-657a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:07 GMT
0
m.ad6media.fr/sa/78385/na/782877/ Frame E19F 		43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.ad6media.fr/sa/78385/na/782877/0
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.187.190.91 , France, ASN16276 (OVH, FR),
Reverse DNS
ip91.ip-37-187-190.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:07 GMT
Cache-Control
max-age=60
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Wed, 14 Jul 2021 16:27:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/ Frame DB70 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210708/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210708/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 14 Jul 2021 00:45:58 GMT
expires
Wed, 28 Jul 2021 00:45:58 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
56409
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
native_render.js
superonclick.com/script/ Frame A2CF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2297
x-guploader-uploadid
ABg5-Ux3ugDbjZHv9rpPo7PWt7S1qud12-Vw4b8rTYh-k2UMds-oGdb-EGzLhtVd-VxsPwU_T52pajAPwTcwsdI7qDL8U18q4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebXTZKLi0mzKiziB7KkzEIblCCs72mSGGC0ItAYTrcph9BtkCQRxB9tIFiUo49ZJfqrJCRRB5mMUuJsu6Q%2FyLKEyfLpi4kFFolhXyROgfe4rAqU4LQdpmrX2TFDsBrIQVm0TjS6noibZYTk4IurO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052950916101
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
4285
cf-ray
66ec1c64ff052b59-FRA
expires
Wed, 14 Jul 2021 16:40:46 GMT
native_server.js
superonclick.com/script/ Frame A2CF 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3301
x-guploader-uploadid
ABg5-UztHarEA9WAL61ya9rea4JSaKO43c4uJRU5ju3QmZnd8lU0dTs1xERvBaCgxHtc9Mw1kzkD_hnNAYAJCEBbKOXI6RQA2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIKdL0d7eYB0fOOdRVbgwlio9yptNqwqv4r2UxyslumRvi%2BAOMY9BnHes7yROxZU3eOFJSQMdm6oDxVbVkSx9lppiwFCqZBa5oe90%2FwENtReQZN5enWmFjq96w3wn3GNGozhsb3KYN%2FVkaQYi9NI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052952705094
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
9260
cf-ray
66ec1c64ff092b59-FRA
expires
Wed, 14 Jul 2021 15:40:59 GMT
native_render.js
superonclick.com/script/ Frame 022A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2297
x-guploader-uploadid
ABg5-Ux3ugDbjZHv9rpPo7PWt7S1qud12-Vw4b8rTYh-k2UMds-oGdb-EGzLhtVd-VxsPwU_T52pajAPwTcwsdI7qDL8U18q4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYiMC29kcGY20Y4UjBMCSNExmyzH6XpWT3qW5YAUgqKl0Pla6BmnzxGZX8uJ6Mr2yzgSZgpxuPyOufkXHMIkxryufQWx4j%2BWxzVlPav6jXuV%2FAh7AbHt8g9KeZOR3ktzaPMdseLAO4kZqaPnI%2BFO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052950916101
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
4285
cf-ray
66ec1c650f582b59-FRA
expires
Wed, 14 Jul 2021 16:40:46 GMT
native_server.js
superonclick.com/script/ Frame 022A 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3301
x-guploader-uploadid
ABg5-UztHarEA9WAL61ya9rea4JSaKO43c4uJRU5ju3QmZnd8lU0dTs1xERvBaCgxHtc9Mw1kzkD_hnNAYAJCEBbKOXI6RQA2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51YP%2FRl7mL0IIt3E8yqv32lJVm2vVIsDY14tS2iBa5nJkE%2BGf5I7S%2BuGXhxtbs8uzO6CEz4rxyDmP4o7XQqupEh%2BQDL3K1hX2R2OKweqYcVU8ahAEXZ9egVy9BhMnzaOIEISCXwhUA%2BSG5eC9m%2Bg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052952705094
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
9260
cf-ray
66ec1c650f5f2b59-FRA
expires
Wed, 14 Jul 2021 15:40:59 GMT
js
www.googletagmanager.com/gtag/ Frame 4906 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-121629819-1
Requested by
Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ru&dim=728x90
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d506fed3b875271f3f79271c827ca1f94024cb3813d418e9770862a65b817c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://adstune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Jul 2021 16:26:07 GMT
mag-forum2x2.png
adstune.com/ap/ru/728x90/ Frame 4906 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adstune.com/ap/ru/728x90/mag-forum2x2.png
Requested by
Host: adstune.com
URL: https://adstune.com/ap/index.php?lang=ru&dim=728x90
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c5a3f4174f9a5cc573d0d1e3d2d404a6f6d27c6fe617dfdf3ba0f26545570f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adstune.com/ap/index.php?lang=ru&dim=728x90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7124170
strict-transport-security
max-age=63072000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38725
x-xss-protection
1; mode=block
last-modified
Fri, 20 Oct 2017 13:01:26 GMT
server
cloudflare
etag
"59e9f3a6-9745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=72WxBW9J92O2AwfS0WelEvwAbkXo0tYcDAmtQCXKkMMR7FIBCYmY0PnTJ02W4QFCOmCY%2F8I9PESaBq3mWKb75hfh37dyppYd6ek5FNv7pYu5dKBwfGlSH3RPz8uhB7ogQmvCkEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
66ec1c654dcd2c52-FRA
expires
Sat, 23 Apr 2022 05:29:57 GMT
base.native.js
c.ad6media.fr/nf/ Frame E19F 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/nf/base.native.js?ver=143660
Requested by
Host: c.ad6media.fr
URL: https://c.ad6media.fr/nf/nf.js?255
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
a56cd4a287e381d07d694428a212dfc894c6776e623312860fbc1699990fbff6

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:18:00 GMT
server
nginx
etag
W/"60dc60f8-16a7b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:07 GMT
1.native.js
c.ad6media.fr/nf/ Frame E19F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/nf/1.native.js?ver=143660
Requested by
Host: c.ad6media.fr
URL: https://c.ad6media.fr/nf/nf.js?255
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
1057cf580eaa82492400e2c3b746518e0c4f212a5d93f93e2af51929b0383032

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:18:00 GMT
server
nginx
etag
W/"60dc60f8-399c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:07 GMT
iab.native.js
c.ad6media.fr/nf/ Frame E19F 		77 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.ad6media.fr/nf/iab.native.js?ver=143660
Requested by
Host: c.ad6media.fr
URL: https://c.ad6media.fr/nf/nf.js?255
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.135.94.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ip16.ip-5-135-94.eu
Software
nginx /
Resource Hash
20d01d4056a5e21ce4801289776350e5f8ca3779e197e3cd9c4a27bcac6aef7d

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-encoding
gzip
last-modified
Wed, 30 Jun 2021 12:18:00 GMT
server
nginx
etag
W/"60dc60f8-1329f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=864000
expires
Sat, 24 Jul 2021 16:26:07 GMT
analytics.js
www.google-analytics.com/ Frame 4906 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121629819-1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://adstune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
2121
date
Wed, 14 Jul 2021 15:50:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Wed, 14 Jul 2021 17:50:46 GMT
syncframe
gum.criteo.com/ Frame 4C4A 		291 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=premiuminter.forum2x2.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=premiuminter.forum2x2.ru
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1514
set-cookie
uid=64c8b9e1-af8a-44b9-896b-dd94fb5a3779; expires=Thu, 14 Jul 2022 16:26:07 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Wed, 14 Jul 2021 16:26:06 GMT
content-length
321
identify.html
ufpcdn.com/script/ Frame AA4E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=12496aba8d7a2840c6fbbdd519570ba4eec59eda-1626279967-1800-ARp/epDDCzCLfxM1KrV+HFdIy+RHSi1esDeUEfClNFPxK5I3Avl33wVFRRTgpPX8U9qSos68Rkh6Wt5Q84kXzAw=; path=/; expires=Wed, 14-Jul-21 16:56:07 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k4HoZgpsJj3l0mbDtaRJuhqP26cEFgqYLJB64jQEdbREmCXrwen%2BtkEQSeG6coowyYufcUZJ%2BQ8%2BC0DsvtasNOy9aqaHE1EIsgqSlufsI%2FEq09SaF9L0rN5p5JCbPmqpvMS0CA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ec1c66ae4105f1-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
identify.html
ufpcdn.com/script/ Frame E3AE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiuminter.forum2x2.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://premiuminter.forum2x2.ru/

Response headers

date
Wed, 14 Jul 2021 16:26:07 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=bcff644b08dfb35e72aabd118e3c38672cb0417e-1626279967-1800-AfXHD6gajto7fOY0acrgnPTS10krRJug41L24Hk9nvidTTkH2kPUT9to0r0z1w4mW3MwUfeEn1LeZwz1XQ70UYY=; path=/; expires=Wed, 14-Jul-21 16:56:07 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=j0I9wouCOlwB82C%2BI8iZuNugjRKZnC%2Fp0stjxmsfnCHMl609bXozqw%2BIUivEgDNZGXuXxA%2Be6QwGsumTkn497Oehb2tBpqwcbelhJovHxmfoBNMXSdwvHWhIaiigE7HKGPLLQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66ec1c66be5905f1-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
native.php
discovernative.com/script/ Frame A2CF 		0
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.2654747023494928&cbWidth=300&cbHeight=250&cbtitle=&cbref=&cbdescription=%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Premium%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BE%D1%80%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%B0%D1%88%D0%B8%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&cbkeywords=%D0%9F%D1%80%D0%B5%D0%BC%D0%B8%D1%83%D0%BC%2C%20%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%2C%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%2C%20Premium%2C%20%D0%9C%D0%9B%D0%9C%2C%20Premium%2C%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%2C%20%D0%BB%D0%BE%D1%82%D0%B5%D1%80%D0%B5%D1%8F%2C%20%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%BA%D0%BE%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%2C%20mlm%2C%20http%3A%2F%2Fpremiuminter.net%2Fr%2F%2C%20http%3A%2F%2Fsistemalide.ru%2F%2C%20http%3A%2F%2Fpremiuminter%2C&cbiframe=1&&callback=jsonp511998
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Jul 2021 16:26:08 GMT
via
1.1 google
server
openresty
alt-svc
clear
native.php
discovernative.com/script/ Frame 022A 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=3133087&cbrandom=0.6052904925466387&cbWidth=300&cbHeight=250&cbtitle=&cbref=&cbdescription=%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Premium%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BE%D1%80%D0%B8%D0%B5%D0%BD%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%B0%D1%88%D0%B8%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&cbkeywords=%D0%9F%D1%80%D0%B5%D0%BC%D0%B8%D1%83%D0%BC%2C%20%D0%9F%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%2C%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%2C%20Premium%2C%20%D0%9C%D0%9B%D0%9C%2C%20Premium%2C%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%2C%20%D0%B7%D0%B0%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BE%D0%BA%2C%20%D0%BB%D0%BE%D1%82%D0%B5%D1%80%D0%B5%D1%8F%2C%20%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%BA%D0%BE%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81%2C%20mlm%2C%20http%3A%2F%2Fpremiuminter.net%2Fr%2F%2C%20http%3A%2F%2Fsistemalide.ru%2F%2C%20http%3A%2F%2Fpremiuminter%2C&cbiframe=1&&callback=jsonp558150
Requested by
Host: premiuminter.forum2x2.ru
URL: https://premiuminter.forum2x2.ru/forum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 14 Jul 2021 16:26:08 GMT
via
1.1 google
server
openresty
alt-svc
clear
83a59926-32a4-4bfb-8307-e2fff3e4d63e
avm.avantisvideo.com/api/v1/channel/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/channel/83a59926-32a4-4bfb-8307-e2fff3e4d63e?pub_id=f4ae7e78-7270-4715-b468-988c541b35d8&tag_id=23&hour=18&browser=chrome&os=windows&osv=10.0&domain=premiuminter.forum2x2.ru&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&device=desktop&country=DE
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e0aba7935acb42ba91c04ffcb16b03b04a932be112676b2c1eef994cff91daff
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 16:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://premiuminter.forum2x2.ru
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
71odFZ7eNPt46jmtY5QkKEp5gHZlkjtzlahaqOUtk1pZyyWstpRZGg==
83a59926-32a4-4bfb-8307-e2fff3e4d63e
avm.avantisvideo.com/api/v1/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/channel/83a59926-32a4-4bfb-8307-e2fff3e4d63e?pub_id=f4ae7e78-7270-4715-b468-988c541b35d8&tag_id=23&hour=18&browser=chrome&os=windows&osv=10.0&domain=premiuminter.forum2x2.ru&url=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&device=desktop&country=DE
Protocol
H2
Server
2600:9000:2190:a800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://premiuminter.forum2x2.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 16:26:09 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
4z63UK2xQdG35fBgFgyDyn7TvdjezFNwZIKGSUp5xrQR6495gDbouw==
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Server
52.36.210.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://premiuminter.forum2x2.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 16:26:10 GMT
vary
Origin
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.226.88.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Jul 2021 16:26:09 GMT
ptv
ib.adnxs.com/ 		27 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20615038&referrer=https%3A%2F%2Fpremiuminter.forum2x2.ru%2Fforum&us_privacy=1---&imp_id=e9f8705b-ba40-482d-ae2f-b0361f9a5ba3&cb=1626279969676
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:09 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3ae295b0-e18e-460e-ac7a-88a0142f0ec3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		57 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.210.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
05ae2b57ebfc5d8db47b520609e27865ade267a3a3f5548883fcc3a37774b7b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 16:26:10 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
57
x-xss-protection
1; mode=block
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/vl-av-p-n-cr.js?tagId=23&id=f4ae7e78-7270-4715-b468-988c541b35d8&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.210.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Jul 2021 16:26:11 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
11
x-xss-protection
1; mode=block
3
rtb.avantisvideo.com/api/v1/usersync/setuid/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=7e883195-419e-41fe-b4f8-10fc765a6954
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Frtb.avantisvideo.com%2Fapi%2Fv1%2Fusersync%2Fsetuid%2F3%3Fuid%3D%24UID%26suid%3D7e883195-419e-41fe-b4f8-10fc765a6954
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=252228495801605525&suid=7e883195-419e-41fe-b4f8-10fc765a6954
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=252228495801605525&suid=7e883195-419e-41fe-b4f8-10fc765a6954
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.210.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:10 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
958e8f1e-5eb0-40ab-a18b-d023b1e87aff
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=252228495801605525&suid=7e883195-419e-41fe-b4f8-10fc765a6954
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Server
52.36.210.0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://premiuminter.forum2x2.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 14 Jul 2021 16:26:10 GMT
vary
Origin
access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
openrtb
ads.adaptv.advertising.com/rtb/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://premiuminter.forum2x2.ru
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
292699
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/292699
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Wed, 14 Jul 2021 16:26:12 GMT
X-SpotX-Timing-Transform
0.000357
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000568
X-fe
020
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
X-SpotX-Timing-Page
0.017406
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.004483
Last-Modified
Wed, 14 Jul 2021 16:26:12 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.002297
X-SpotX-Timing-SpotMarket-Primary
0.007383
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'premiuminter.forum2x2.ru' is blacklisted.
X-SpotX-Timing-Page-Misc
0.002267
X-SpotX-Timing-Page-Exception
0.000027
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000020
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.007383
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://premiuminter.forum2x2.ru
date
Wed, 14 Jul 2021 16:26:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Jul 2021 16:26:12 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a3368ce0-249a-4919-9d57-f45be04c7dea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://premiuminter.forum2x2.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159970&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTY2MjE0REYtMkFDQi00MkNBLTgxOEQtNDk3NzA3ODVBNTEy&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTY2MjE0REYtMkFDQi00MkNBLTgxOEQtNDk3NzA3ODVBNTEy&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 16:26:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 14 Jul 2021 16:26:15 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:427
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVAzNjI5OTMzOC1lNGMwLTExZWItOGYwZi0wMjU5NWRmZThkMzA%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:16 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEAivRqFxTWJ_UUlj9WRWMHs&google_cver=1&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
date
Wed, 14 Jul 2021 16:26:16 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1959752a-7603-4c42-a4fe-5314b7f30cce&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=1959752a-7603-4c42-a4fe-5314b7f30cce&_origin=1&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:16 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 14 Jul 2021 16:26:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=1959752a-7603-4c42-a4fe-5314b7f30cce&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://premiuminter.forum2x2.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:26:16 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Wed, 14 Jul 2021 16:26:16 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YO8QJwACnAfBnQBg&_origin=0&gdpr=0&gdpr_consent=&_test=YO8QJwACnAfBnQBg&apid=UP36299338-e4c0-11eb-8f0f-02595dfe8d30&verify=true
Connection
keep-alive
Content-Length
0

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| imageTag boolean| theSelection string| clientPC number| clientVer boolean| is_ie boolean| is_nav number| is_moz boolean| is_win boolean| is_mac object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item number| mouse_y number| mouse_x function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt undefined| originalFirstChild function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage object| gw_window object| gw_style number| offsetx number| offsety number| curX number| curY number| distX number| distY string| obj_ietruebody function| gws_show undefined| elem undefined| divHeight undefined| mouseX undefined| mouseY function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help string| _help object| bbcode object| bbtags function| initCategories function| toggleCategory function| togglePopUpMenu function| toggleDiv function| togglePoll function| getElementsByClassName function| initProfilePopUps boolean| openedPopUp function| __tcfapi object| adsbygoogle object| criteo_pubtag object| criteo_pubtag_109 object| Criteo object| Criteo_109 object| google_tag_manager object| dataLayer object| _toolbar function| _manageStateAndCSS function| _moveUp function| _moveDown function| _onResize function| _delItem function| _addItem function| _readItem function| refresh function| _setConfig function| compileNotif object| Toolbar function| gtag function| setScreen number| width boolean| isMobile object| CriteoAdUnits function| CriteoAdblock object| _userdata object| _lang object| _board object| google_tag_data string| GoogleAnalyticsObject function| ga object| _taboola function| urlB64ToUint8Array function| updateSubscriptionOnServer function| subscribeUser function| unsubscribeUser object| twemoji function| AT_adFillSlot object| SDDAN object| regeneratorRuntime function| vglnk string| cname number| cpos object| jQuery1720490614906938188 object| gaplugins object| gaGlobal object| gaData object| TRC object| _tblConsole undefined| msg boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16262799662506 undefined| vglnk_16262799662517 number| compteur object| tiButtons string| tiClass function| useQuerySelector undefined| div undefined| span undefined| result undefined| currentElement undefined| elementClass function| _replaceElement function| topicit_action function| isInt function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl string| ad6_sip object| _ad6si undefined| vglnk_16262799665389 object| _0xb308 object| ad6si object| styleElement function| b number| f undefined| h number| j string| k string| m string| p function| n string| q undefined| t string| w number| x string| y number| A object| B function| C number| D string| E object| F number| G object| H number| I number| J number| place string| title_alerte string| title_alerte_min number| timeoutIDContent object| avntsWebpackJsonp number| avnts_player object| jwDefaults object| webpackJsonpjwplayer function| jwplayer function| avnts_pbChunk object| avnts_pb object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| top1 object| realvu_aa_fifo object| realvu_aa number| boost_poll undefined| vglnk_162627996741210 object| google_reactive_ads_global_state object| __MEDIANF___metrics object| __MEDIANF___bidding_metrics object| __MEDIANF___meta object| cookies object| cookie object| divs boolean| has_innerText

8 Cookies

Domain/Path Name / Value
.adstune.com/ Name: __cf_bm
Value: 166f559878381aedeec852071d6db25342828266-1626279967-1800-AXNQsbGhrLgdZG6QKGcr+vr4dribDGRCbnHQUY2tDyx69kj0Vjkyw6+LJ56GUh3ABvUG8nkN5Nif9ZHTFP2Zclw=
.ufpcdn.com/ Name: __cf_bm
Value: bcff644b08dfb35e72aabd118e3c38672cb0417e-1626279967-1800-AfXHD6gajto7fOY0acrgnPTS10krRJug41L24Hk9nvidTTkH2kPUT9to0r0z1w4mW3MwUfeEn1LeZwz1XQ70UYY=
.forum2x2.ru/ Name: _gid
Value: GA1.2.1149361358.1626279966
.forum2x2.ru/ Name: _ga
Value: GA1.2.249002537.1626279966
premiuminter.forum2x2.ru/ Name: toolbar_state
Value: fa_show
.criteo.com/ Name: uid
Value: 64c8b9e1-af8a-44b9-896b-dd94fb5a3779
.forum2x2.ru/ Name: _gat_gtag_UA_144347007_1
Value: 1
.premiuminter.forum2x2.ru/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D

1 Console Messages

Source Level URL
Text
console-api log URL: https://premiuminter.forum2x2.ru/forum(Line 54)
Message:
{"w":1600,"h":1200}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2img.net
ads.adaptv.advertising.com
adstune.com
agi9rsy9yi.s.ad6media.fr
ajax.googleapis.com
api.viglink.com
avm.avantisvideo.com
bidder.criteo.com
c.ad6media.fr
cache.consentframework.com
cdn.avantisvideo.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
cdn1.avantisvideo.com
choices.consentframework.com
clck.ru
cm.g.doubleclick.net
connect.topicit.net
discovernative.com
events1.avantisvideo.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.servimg.com
ib.adnxs.com
illiweb.com
image2.pubmatic.com
image8.pubmatic.com
l0w9d0la63.s.ad6media.fr
m.ad6media.fr
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
premiuminter.forum2x2.ru
rtb.avantisvideo.com
sba.yandex.net
search.spotxchange.com
st3.ad6.fr
static.avantisvideo.com
static.criteo.net
stats.g.doubleclick.net
superonclick.com
sync-tm.everesttech.net
twemoji.maxcdn.com
ufpcdn.com
ups.analytics.yahoo.com
wrappers.geoedge.be
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
130.211.31.231
151.101.13.44
151.101.14.49
172.217.18.98
178.250.2.131
178.32.120.35
178.33.44.177
18.197.47.23
185.33.221.14
185.64.189.110
185.64.189.112
185.64.190.79
185.94.180.123
212.129.3.112
23.111.9.57
2600:9000:2156:5000:2:d490:4d80:93a1
2600:9000:2156:8a00:1c:38a0:8a40:93a1
2600:9000:2190:a800:3:748e:7940:93a1
2606:4700:20::681a:466
2606:4700:20::681a:e6c
2606:4700:3031::6815:4a69
2606:4700:3033::6815:3fe
2606:4700:3033::6815:5aab
2606:4700:3037::ac43:8e31
2606:4700:3037::ac43:9661
2606:4700:3037::ac43:bd78
2606:4700::6810:a00d
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba1a
2a02:6b8::221
2a02:6b8::232
2a04:4e42:3::485
3.126.56.137
37.187.190.91
44.226.88.17
5.135.94.16
52.36.210.0
52.59.160.25
54.76.164.24
76.223.111.131
87.98.153.73
05ae2b57ebfc5d8db47b520609e27865ade267a3a3f5548883fcc3a37774b7b4
0670e48bab6c1bfb0f365a1ee849d082fb3cfd69ac3c3fd6dbd7be8a14428b12
095184d0e56ceefc7e5b2a64d7f7af54a3d195f3f5b4eb4db5279e7ef0563077
0a2ae16febb6218317adbc00cf3a640256fcfd7f84c5ce3f612df78695739869
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1057cf580eaa82492400e2c3b746518e0c4f212a5d93f93e2af51929b0383032
1292fa56b518ff6cf0a3e33554d22550bfe89de66ecd2c58609152291191f24a
16bd0b41944c9e99eb13a384cc608888ba4fbed6cb9232136d5491affee57435
19091bd1f0f66c95e2e65cc731be966150ce0a5d6c2031114f1c6e26a05d1c16
1ff8044afebdbbbbb5a559611b54329cb4a5b0b63e5eaff1316eda2863092780
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
20d01d4056a5e21ce4801289776350e5f8ca3779e197e3cd9c4a27bcac6aef7d
23c5a3f4174f9a5cc573d0d1e3d2d404a6f6d27c6fe617dfdf3ba0f26545570f
24f6ddc749018d2178bf7f90019d9de40abde12a1b6bd329aa63bfef6061aaca
2d58ecf69035b4a041d10538b72c2f161068a8c3208ac91dc3b5444cc788ceef
3175aac9018fff52f29cf7b218ed499a04a41f6f1b27685290310e9d3bfa7797
35e5b3f77ffe5a6a56d481a0ff76664c335f2913a6072b02fafb7f00a6322d47
3771583adc6d098b0dc9eb3aae804229f87a92b751a3c6b9d2840f3710c096a4
38d8555ff90122f749911d02b87f5006d576441e0b674a61ac202bbef74db7f1
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
3d506fed3b875271f3f79271c827ca1f94024cb3813d418e9770862a65b817c1
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ed6287bac13196ac6ef3154d4c9457e36bc5d070aee80e0177f4d6921cffb0
5559e0bc6f82e615d9a4a6c8748180334eb8efa2171a6e8d7d00d027117e491f
555e464dff65a50d53c635588a1664275f917aa3ee03849de3daaf81beaf0483
5d26487fa1ff0ae4d9877fac5cf23809f49fd677adf1819bb054d8fed0499167
5d9ec80f2c1316c1d793007aa535ad6f381cce1ed7446881a768b9baee45972b
5dc06f55ccdbe6d8c227da35d86a7c77d7227cbd4a55258c978c5f47620b17ad
5eaa1914be2754a54555e04d505439b22288e8460ed6b74117828cd36f2628f2
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
60ec113672b35cc4ba6f7176e42c212b0aba50f0c333d6e33e7a8eca8b8dcb94
637282f23b8352c04ecc9dd7b4e1ffb23f8102517d010afaa447b2fb889b689e
655edd3c630302bcaf2690418226595dee314ed8ecf6747d7ef9a3e012e116a5
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
74d3169e34286a8c8386a74e29aa6955c91090828c2cb4ecd15643b7a968004c
758135feb6954c2501153f4a7846378a69e4189243d09272685850b10632358f
7822709906185a3e00794cd8266d40fb3f9ba1cddd3a487b68e5bbcb15d8fb51
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82d61770620919ae319f505d190204866c54bb534ebf012ca394b27d5c3a4bd8
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c316519db1cac5a1e26569c13777a8f1177fdb2d0f732e9af3e214efdac975
893910ccaf34f7f66134f7b38b0d0927514476d355fc39174dda0f215abd6132
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91647d0a630b7c5a0b1d623de7d7cfd8af69c0effa7dc8400c5d92e70dea6395
9298971a5bdb7470b87aa2bf89d39c6b13fd2f486d38c87b057b94ce54eb98bc
93514b8b494c8435c97059bba7c58950a3158c4a098ae2a1324a93a21697da6f
976ff06837c09e3eeabb7a7acef667f9699e5f05026a149e16f014699f85595e
989f8331f21edcea690ea3a05d646abae9688ae75e61b2a5379f98cccb84dd5f
a4fa2d9818f41b7afe30a6ce559354c6517eb24df4103fc14754d14996deacf7
a56cd4a287e381d07d694428a212dfc894c6776e623312860fbc1699990fbff6
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
ad10571351e34e54e5f7edab342656a89998c66fb0ff2cf44b44094f8ccbaadf
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2de42b04591788419826ccad9aa24ffc7b6bdd9666a9dc932c955286c960b74
b6d018729b6cc00b3732df6a76d2d350e205062eac8b2e6ac254db938eeab31b
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
be829da434dbe7a5719faeb28277229a36314202fb4553b4e87b12298100a133
bf85d36e3a410290e3b7287a442c5ea8c095b8e04b547b974054a2aa357ea598
c1b0a91fd6eb5029cabacc3c14c13144f97a64d3b261082bd78bd95c71a86d49
c25a1f77ca8204c8e125f5a54c187d03889cc3d8d335ae6198b64a369669cb06
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
d0cdaa0db2e3c35fdca1e81ab6e540e5408531266d2cb1f39f77b336b6d8c64a
d557ac01f6bfe50ee326ee5f2d49f424ec776af5da5abb4231083ab4a772feb9
dde7ec4767e8df84f606eb034d1a34c53de71b2055a0ce8412b25c8c2a8ae617
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0aba7935acb42ba91c04ffcb16b03b04a932be112676b2c1eef994cff91daff
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee42844f6e6c978ca10465fc9a5f4c61631caf8d37d81a8aa6468b8cf0153e57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a
ffc299146efe41999da12f0c6e83704de93fd3a874df3fbe9c6c1d95aa17c342