ancientrome.ru Open in urlscan Pro
213.170.65.253 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ancientrome.ru/
Submission Tags: falconsandbox
Submission: On January 03 via api (January 3rd 2022, 4:34:34 am UTC) from US — Scanned from DE

Summary HTTP 140 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 49 domains to perform 140 HTTP transactions. The main IP is 213.170.65.253, located in St Petersburg, Russian Federation and belongs to QUANTUM, RU. The main domain is ancientrome.ru.

This is the only time ancientrome.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	213.170.65.253 213.170.65.253	12418 (QUANTUM) (QUANTUM)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
1 4	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5 17	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
3 4	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1 1	116.202.82.143 116.202.82.143	24940 (HETZNER-AS) (HETZNER-AS)
4	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.150.45 193.232.150.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.51 195.209.108.51	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::681a:4db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	116.202.236.228 116.202.236.228	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.78.49 148.251.78.49	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	5.200.44.34 5.200.44.34	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
4 4	217.66.147.163 217.66.147.163	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	94.130.13.220 94.130.13.220	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.47 65.108.1.47	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2	2606:4700:10:... 2606:4700:10::6816:457	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.109.220 23.111.109.220	7979 (SERVERS-COM) (SERVERS-COM)
2 4	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
11	52.212.227.251 52.212.227.251	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
4	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
17	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
140	42

14 213.170.65.253 (St Petersburg, Russian Federation)

ASN12418 (QUANTUM, RU)
PTR: tc3.ptl.ru

ancientrome.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 46.4.114.109 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.186.57 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.82.143 (Osterhofen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1325744.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp18.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.51 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4db (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.159 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.236.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.236.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.78.49 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-8.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.236.118 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Purmer, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.213.228 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.44.34 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.163 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-163-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.13.220 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.47 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:457 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.109.220 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.147 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.212.227.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adform.net track.adform.net s1.adform.net	214 KB
21	acint.net 5 redirects www.acint.net acint.net	17 KB
14	ancientrome.ru ancientrome.ru	380 KB
11	mediamathtag.com s.update.mediamathtag.com	52 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	192 KB
10	google.com cse.google.com www.google.com clients1.google.com adservice.google.com	169 KB
7	yandex.ru 3 redirects mc.yandex.ru an.yandex.ru	135 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	16 KB
5	yastatic.net yastatic.net	190 KB
4	redintelligence.net hal9000.redintelligence.net hal900015.redintelligence.net	6 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	bumlam.com 2 redirects sync.bumlam.com	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com	3 KB
3	cloudflare.com cdnjs.cloudflare.com	25 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	8 KB
3	aidata.io 2 redirects x01.aidata.io	1 KB
3	upravel.com 3 redirects sync.upravel.com 111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com	2 KB
3	yandex.net site.yandex.net	26 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	501 B
2	rktch.com 1 redirects ut.rktch.com	683 B
2	1dmp.io 1 redirects sync.1dmp.io	814 B
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	951 B
2	adhigh.net 2 redirects px.adhigh.net	826 B
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	647 B
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	bidvol.com 1 redirects ssp.bidvol.com	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	beeline.ru 1 redirects 0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru	635 B
1	adlook.me 1 redirects ads.adlook.me	164 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	bestssp.com 1 redirects ssp.bestssp.com	304 B
1	relap.io relap.io	1019 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	70 B
1	hybrid.ai dm-eu.hybrid.ai	239 B
1	utraff.com a.utraff.com	819 B
1	mail.ru ad.mail.ru	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
1	jquery.com code.jquery.com	82 KB
140	49

	Domain	Requested by
17	s1.adform.net	track.adform.net s1.adform.net ancientrome.ru
17	www.acint.net	5 redirects ancientrome.ru www.acint.net
14	ancientrome.ru	ancientrome.ru
11	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
6	www.google.com	cse.google.com www.google.com ancientrome.ru tpc.googlesyndication.com
6	pagead2.googlesyndication.com	ancientrome.ru pagead2.googlesyndication.com tpc.googlesyndication.com
5	mc.yandex.com	2 redirects ancientrome.ru
5	yastatic.net	site.yandex.net an.yandex.ru
4	track.adform.net	hal900015.redintelligence.net s1.adform.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	sm.rtb.mts.ru	4 redirects
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
4	ads.betweendigital.com	3 redirects www.acint.net
4	an.yandex.ru	1 redirects ancientrome.ru www.acint.net
3	cdnjs.cloudflare.com	s1.adform.net
3	hal900015.redintelligence.net	hal9000.redintelligence.net hal900015.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	x01.aidata.io	2 redirects www.acint.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	site.yandex.net	ancientrome.ru site.yandex.net
3	mc.yandex.ru	2 redirects ancientrome.ru
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	cse.google.com	ancientrome.ru www.google.com
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	ancientrome.ru
1	www.googletagservices.com	googleads.g.doubleclick.net
1	api.advarkads.com	s3.advarkads.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	ancientrome.ru
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	code.jquery.com	ancientrome.ru
140	64

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
www.domkadrov.ru

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.acint.net R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
update.mediamathtag.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://ancientrome.ru/
Frame ID: C6B2B17A1B8D36DDD84054E6A269457E
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 18920BB05B14A213D4B741533EE65BDC
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 044B0B0300B2C4AA7EE67A126BF5D201
Requests: 35 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
Frame ID: DD2039A7526B06D38BD7FE973C160015
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249
Frame ID: 5904C6D25ED8CB363660BF1E7A6C7B7A
Requests: 23 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754
Frame ID: 9B000DD3C92973F1CDDB70F1455548FA
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044
Frame ID: 1038A16E81AFE8EEAF7AD1FF5F12CED8
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10664241/10664241.js?ADFassetID=10664241&bv=258
Frame ID: 37B0B2E22CCB0F725694BE425C1F7B96
Requests: 18 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9B70CB4D2DCE3A83F795EC24C6F3E467
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F291F2C611A3D953636897F17CDACC52
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F42E4B77ED7398B3A62D22ADC3F22DB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ИСТОРИЯ ДРЕВНЕГО РИМАпоиск

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

64 %
HTTPS

24 %
IPv6

49
Domains

64
Subdomains

42
IPs

8
Countries

1578 kB
Transfer

3827 kB
Size

90
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.livejournal.com/update.bml?event=%D0%92%D0%B5%D0%BA%2C%20%D0%BA%D0%BE%D0%B3%D0%B4%D0%B0%20%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D0%BB%20%D0%A1%D0%B0%D1%82%D1%83%D1%80%D0%BD%2C%20%D0%B7%D0%BE%D0%BB%D0%BE%D1%82%D1%8B%D0%BC%20%D0%B8%D0%BC%D0%B5%D0%BD%D1%83%D0%B5%D1%82%D1%81%D1%8F%20%D0%BD%D1%8B%D0%BD%D0%B5%3A%3Cbr%3E%D0%9C%D0%B8%D1%80%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D1%80%D0%BE%D1%82%D0%BA%D0%BE%20%D1%86%D0%B0%D1%80%D0%B8%D0%BB%20%D0%BD%D0%B0%D0%B4%20%D0%BD%D0%B0%D1%80%D0%BE%D0%B4%D0%B0%D0%BC%D0%B8%20%D0%B1%D0%BE%D0%B3%2C%20%E2%80%94%20%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D1%81%D0%BC%D0%B5%D0%BD%D1%83%3Cbr%3E%D0%A5%D1%83%D0%B4%D1%88%D0%B8%D0%B9%20%D0%B2%D0%B5%D0%BA%20%D0%BD%D0%B0%D1%81%D1%82%D1%83%D0%BF%D0%B8%D0%BB%2C%20%D0%B8%20%D0%BB%D1%8E%D0%B4%D1%81%D0%BA%D0%BE%D0%B5%20%D0%B8%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B8%D0%BB%D0%BE%D1%81%D1%8C%20%D0%BF%D0%BB%D0%B5%D0%BC%D1%8F%2C%3Cbr%3E%D0%AF%D1%80%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D0%B6%D0%B0%D0%B6%D0%B4%D0%BE%D0%B9%20%D0%B2%D0%BE%D0%B9%D0%BD%D1%8B%20%D0%BE%D0%B4%D0%B5%D1%80%D0%B6%D0%B8%D0%BC%D0%BE%20%D0%B8%20%D1%81%D1%82%D1%80%D0%B0%D1%81%D1%82%D1%8C%D1%8E%20%D0%BA%20%D0%BD%D0%B0%D0%B6%D0%B8%D0%B2%D0%B5.%20(%3Ca%20href%3Dhttp%3A%2F%2Fancientrome.ru%2Fantlitr%2Ft.htm%3Fa%3D1375300008%3E%D0%92%D0%B5%D1%80%D0%B3%D0%B8%D0%BB%D0%B8%D0%B9.%20%D0%AD%D0%BD%D0%B5%D0%B8%D0%B4%D0%B0.%20%D0%9A%D0%BD.%20VIII%3C%2Fa%3E).&subject=%D0%92%D0%B5%D1%80%D0%B3%D0%B8%D0%BB%D0%B8%D0%B9.%20%D0%AD%D0%BD%D0%B5%D0%B8%D0%B4%D0%B0.%20%D0%9A%D0%BD.%20VIII.

Search URL Search Domain Scan URL

URL: https://www.domkadrov.ru/
Title: вакансии для Вас

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9506.31HJZKwcVDb47iQMfJgSEoRoQEyv9Q7-1EF6-VdfKv_umVLTFa05BJvZV3iKK5YV.sSTULM0SYHw0hU_hjbOG7MWPD74%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9506.ZdLwxbWJCW7XoCWsIejvGBxnTuMfNmvkietlOhReaXbop7c5_Efp1E9lMXOBtKgcW87uhrUTOOBMeXfPnaiVWg%2C%2C.3o9REQwZZUoUIMX2nWhQA3fkfCI%2C

Request Chain 32

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 33

http://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&oE=1&oP=1&dT=2022-01-03T04%3A34%3A29.168&fu=7c72e38b-7062-4d7f-b221-c30695fbbe82 HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&oE=1&oP=1&dT=2022-01-03T04%3A34%3A29.168&fu=7c72e38b-7062-4d7f-b221-c30695fbbe82

Request Chain 36

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B&crf=1

Request Chain 37

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007FD57CD2611300C1AB029705DE

Request Chain 38

https://px.adhigh.net/p/cm/sape?u=0100007FD57CD26156058C0402402B0B HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FD57CD26156058C0402402B0B&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=7G2f2Y1dZQI.AikABlF-HjehcA

Request Chain 40

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4504447599 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=APE6Ghgx2HBAoqG0MiTbGNg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FD57CD26156058C0402402B0B

Request Chain 42

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=ffcbd9b8-ff00-4382-af28-7486520955c7 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjV-cmOBlIEioaQK2IkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjV-cmOBlIEioaQK2IkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**

Request Chain 46

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=111911c6-4073-4944-8552-6755732dd7f2

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf9V80mFWBYwEAkArCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf9V80mFWBYwEAkArCw&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 48

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B

Request Chain 51

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=BWWBJFZC

Request Chain 52

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B&cs=1

Request Chain 53

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=YBu6R5F8kfRs

Request Chain 54

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=76d2253f-b650-5303-bc67-5ec4ddb52211

Request Chain 55

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=13fffd7abf5e43109bd6388a30ed5462

Request Chain 56

https://0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru/p?ssp=sp&id=0100007FD57CD26156058C0402402B0B HTTP 301
https://www.acint.net/match?dp=111&euid=07f652ed-9cbb-4e85-b5f8-25a579c92642

Request Chain 57

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FD57CD26156058C0402402B0B HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1023628667 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=5.UmRpZeWkTmIcoDOvkkh.&noredirect

Request Chain 58

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FD57CD26156058C0402402B0B HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FD57CD26156058C0402402B0B HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=58c11045-24a6-4a62-b51c-76b99278e510&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID

Request Chain 59

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=18b8d3a7-deda-4d96-4088-c2595bdac509

Request Chain 60

https://s.uuidksinc.net/match/396/?remote_uid=0100007FD57CD26156058C0402402B0B HTTP 302
https://www.acint.net/match?dp=127&euid=Zm8Y2JPvhNhAf6ivYOg9

Request Chain 61

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=za3v44xm2p

Request Chain 64

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FD57CD26156058C0402402B0B HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FD57CD26156058C0402402B0B&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=2SuMky5N29MDH4u1LxHWKg HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=2SuMky5N29MDH4u1LxHWKg HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=58c11045-24a6-4a62-b51c-76b99278e510&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWMEQRSSmSmK1HHa5knjlEA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253D2SuMky5N29MDH4u1LxHWKg%26sign%3D2434464838 HTTP 302
https://an.yandex.ru/setud/mts_banner/WMEQRSSmSmK1HHa5knjlEA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D2SuMky5N29MDH4u1LxHWKg&sign=2434464838

Request Chain 66

https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B?redir-setuniq=1

Request Chain 68

https://mc.yandex.com/watch/12699646?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A891546325266%3Ahid%3A518369605%3Az%3A0%3Ai%3A20220103043429%3Aet%3A1641184469%3Ac%3A1%3Arn%3A452755278%3Arqn%3A1%3Au%3A1641184469214268818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1641184468580%3Ads%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C380%2C%2C%2C%2C%2C%3Adsn%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C381%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641184469%3At%3A%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/12699646/1?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A891546325266%3Ahid%3A518369605%3Az%3A0%3Ai%3A20220103043429%3Aet%3A1641184469%3Ac%3A1%3Arn%3A452755278%3Arqn%3A1%3Au%3A1641184469214268818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1641184468580%3Ads%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C380%2C%2C%2C%2C%2C%3Adsn%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C381%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641184469%3At%3A%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 80

https://dmg.digitaltarget.ru/1/1093/i/i?i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 81

https://dmg.digitaltarget.ru/1/1093/i/i?i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 140

http://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171

140 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ancientrome.ru/ 21 KB
6 KB 149ms
61ms Document
text/html 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to

Full URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) / PHP/5.6.40
Resource Hash: c1fb50d33478f4e3111fd3e0cbf9049286a2c3f33467eecf2d236b29b6b79771

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Server: Apache/2.4.10 (Debian)
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6146
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK jquery-latest.js Show response
code.jquery.com/ 276 KB
82 KB 41ms
15ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-latest.js
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-4508e"
Vary: Accept-Encoding
X-HW: 1641184468.dop248.am5.t,1641184468.cds291.am5.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83875

GET
H/1.1 200
OK 2015-plus01.png
ancientrome.ru/ 1017 B
1 KB 40ms
40ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-plus01.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: ed36aad4621b3cd4e89eadb45021cedfd2e5dcaf31a04732fe13e5e1d2d33cbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Fri, 05 Jun 2015 05:08:59 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3f9-517be4a2ddae3"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1017

GET
H/1.1 200
OK share42.js Show response
ancientrome.ru/site/share42/cit/ 3 KB
2 KB 40ms
39ms Script
application/javascript 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to

Full URL: http://ancientrome.ru/site/share42/cit/share42.js
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 3d71f2e5df370d16157c84edc2261201ea80f022a4506f7f736b0286e6e154c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Apr 2019 06:25:52 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c85-58740c5fac8df-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1336

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 184ms
74ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6823977357041013:6516223532

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

df52175a82afa071b5a1fceb149bb96581def8c516708c611f269fb0d4e05fa0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Mon, 03 Jan 2022 04:34:28 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3595
x-xss-protection: 0
expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 93ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c644366f2968bf9c12b25aaf2604eb05fd76446c95c3ed6229edf1e19d38137d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3244066188556479824
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51752
X-XSS-Protection: 0
Expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

134 KB
48 KB

124ms
61ms

Script
application/javascript

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:28 GMT
content-encoding: br
last-modified: Tue, 28 Dec 2021 12:05:22 GMT
etag: "61cad352-bd04"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 48388
expires: Mon, 03 Jan 2022 05:34:28 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK all.js Show response
site.yandex.net/v2.0/js/ 56 KB
18 KB 161ms
30ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

http://site.yandex.net/v2.0/js/all.js

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Content-Encoding: gzip
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
Content-Length: 17550
Timing-Allow-Origin: *
Last-Modified: Thu, 14 Jan 2021 10:10:45 GMT
Server: nginx/1.17.9
Etag: "8f2519316a4049b587937d3aad5b2c1c"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Accept-Ranges: bytes
X-Robots-Tag: noindex, noarchive, nofollow
Keep-Alive: timeout=5
Expires: Wed, 05 Jan 2022 16:30:22 GMT

GET
H/1.1 200
OK 2015-body02.jpg
ancientrome.ru/ 104 KB
104 KB 40ms
39ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-body02.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 21e2a89aa806062dc702710197d808cad0376f4b13a9d7650b32907d0adc9527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Sat, 27 Jun 2015 02:50:46 GMT
Server: Apache/2.4.10 (Debian)
ETag: "19e4d-51976ec65750b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 106061

GET
H/1.1 200
OK 2015-right10.jpg
ancientrome.ru/ 56 KB
56 KB 86ms
43ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-right10.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: fd55422ffde72e3fea5a615a48dc75bb77bdea7f1b24227e0d3af38d3b4cdd62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Wed, 18 Jan 2017 19:22:36 GMT
Server: Apache/2.4.10 (Debian)
ETag: "de26-5466356d6aaf0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 56870

GET
H/1.1 200
OK 2015-main09.jpg
ancientrome.ru/ 59 KB
59 KB 93ms
47ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-main09.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: bbbb2e618b91c4b652c76496811c6cf13128e8dd7507d90443853496430fdc5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Thu, 04 Jun 2015 15:14:28 GMT
Server: Apache/2.4.10 (Debian)
ETag: "eaad-517b2a1b65dd5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 60077

GET
H/1.1 200
OK 2015-titlefon01.jpg
ancientrome.ru/ 4 KB
4 KB 117ms
39ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-titlefon01.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: d524a5362d8ff7b99e09e50ddb42ab81018f788d24a1fc226177f4b09ff3257c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Sat, 27 Jun 2015 15:12:20 GMT
Server: Apache/2.4.10 (Debian)
ETag: "104b-5198148797729"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4171

GET
H/1.1 200
OK 2015-title07.png
ancientrome.ru/ 7 KB
7 KB 119ms
40ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-title07.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1970fec97e8655839cb89c913427124f7c85a08a6280ea26028fd560da252963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Fri, 26 Jun 2015 22:54:06 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1c9b-519739dfd278f"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7323

GET
H/1.1 200
OK 2015-title08.png
ancientrome.ru/ 8 KB
9 KB 157ms
39ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-title08.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 56be483d7176b82d080965721955e9247c6d17ce81d772b02393ae2867afc3a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Fri, 26 Jun 2015 23:08:24 GMT
Server: Apache/2.4.10 (Debian)
ETag: "20f0-51973d1294117"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8432

GET
H/1.1 200
OK 2015-title09.png
ancientrome.ru/ 6 KB
6 KB 70ms
39ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-title09.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1ab4cfef93a4e37bd115bd517767f9c066efa58fe67a50952ad8596a8930dd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Fri, 26 Jun 2015 23:13:12 GMT
Server: Apache/2.4.10 (Debian)
ETag: "16fd-51973e24ed79b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5885

GET
H/1.1 200
OK 2015-cit11.jpg
ancientrome.ru/ 66 KB
66 KB 68ms
39ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-cit11.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 725a7d8d1f0b5a207399291b63d6f6082ffe2206edf784db1101e8d3c3e60308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Sat, 27 Jun 2015 15:12:20 GMT
Server: Apache/2.4.10 (Debian)
ETag: "10641-51981486ec8c9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67137

GET
H/1.1 200
Ok context.js Show response
an.yandex.ru/system/ 306 KB
86 KB 123ms
87ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

http://an.yandex.ru/system/context.js

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

cf064b2379e5628636e24f5a913249e7177fef995d750900c290206fa2c2a9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ancientrome.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Yandex-Req-Id: 1641184468937441-1693487335005816864200258-production-app-host-sas-pcode-107
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
X-Robots-Tag: noindex, noarchive, nofollow
Keep-Alive: timeout=600
Expires: Mon, 03 Jan 2022 05:34:28 GMT

GET
H/1.1 200
OK 2015-centerbot01.png
ancientrome.ru/ 2 KB
3 KB 66ms
40ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-centerbot01.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: ea3f3506fd8c2077599873ebde7b425c91fff1e1fc2e23328faa550588804092

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:28 GMT
Last-Modified: Sat, 27 Jun 2015 00:25:27 GMT
Server: Apache/2.4.10 (Debian)
ETag: "9df-51974e4bb96ed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2527

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/ff97a008b4153450/ 304 KB
100 KB 133ms
46ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6823977357041013:6516223532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24a8d0334c4e95b7516a53cd7c2ae6b5dd4bcfaa706729f4ea7ce0d75a89c093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 22:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102609
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Dec 2022 22:57:04 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/ff97a008b4153450/ 41 KB
9 KB 127ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6823977357041013:6516223532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 22:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 15:35:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 31 Dec 2022 22:54:48 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 125ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6823977357041013:6516223532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 03 Jan 2022 05:03:53 GMT

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ 89 KB
28 KB 128ms
59ms Script
application/x-javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
x-nginx-request-id: 5880a031f8692a6a
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Dec 2022 22:04:30 GMT

GET
H2 200 df33dbe1402aaf687b35.js Show response
yastatic.net/partner-code-bundles/51606/ 13 KB
5 KB 94ms
33ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51606/df33dbe1402aaf687b35.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

372dffde99de75a38cffd9e91b3a243fcc2ee27a830ab88828977f3cc445c02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ancientrome.ru/
Origin: http://ancientrome.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4461
last-modified: Thu, 30 Dec 2021 16:20:56 GMT
server: nginx/1.17.9
etag: "32b256be5edf52db2324bcc6effd920d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2052 11:09:41 GMT

GET
H2 200 a61e3ee7550ae5bc35ff.js Show response
yastatic.net/partner-code-bundles/51606/ 80 KB
17 KB 168ms
109ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51606/a61e3ee7550ae5bc35ff.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ac7a0dc25d42c08d084f913c18056485eb69816c85cddef6495218cd362b1289

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ancientrome.ru/
Origin: http://ancientrome.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17113
last-modified: Thu, 30 Dec 2021 16:20:56 GMT
server: nginx/1.17.9
etag: "5e1bf24edbd6f9ae03e13d4dc92e9a8c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2052 11:09:41 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 168ms
109ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ancientrome.ru/
Origin: http://ancientrome.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2052 11:09:41 GMT

GET
H2 200 62a7c7c9150fc4826c55.js Show response
yastatic.net/partner-code-bundles/51606/ 641 KB
131 KB 117ms
62ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/51606/62a7c7c9150fc4826c55.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

106ccb7fc4f13ebede7aad729095182dadd2fc305750d01c99dfbefc426be17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ancientrome.ru/
Origin: http://ancientrome.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 133233
last-modified: Thu, 30 Dec 2021 16:20:56 GMT
server: nginx/1.17.9
etag: "0edbf8296c6f4e5bb6feeda44bc21720"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2052 11:08:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 149ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6823977357041013&plah=ancientrome.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 04:34:29 GMT

GET
H/1.1 200
OK 2015-left05.jpg
ancientrome.ru/ 50 KB
51 KB 47ms
47ms Image
image/jpeg 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-left05.jpg
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2883eb90e67c7c0a2ff6037de2138b7cba7038bf6f85d01cd2504a71e934792c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Last-Modified: Sat, 27 Jun 2015 13:02:16 GMT
Server: Apache/2.4.10 (Debian)
ETag: "c928-5197f774468cd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 51496

GET
H/1.1 200
OK 2015-nav02.png
ancientrome.ru/ 6 KB
6 KB 44ms
43ms Image
image/png 213.170.65.253
QUANTUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ancientrome.ru/2015-nav02.png
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 213.170.65.253 St Petersburg, Russian Federation, ASN12418 (QUANTUM, RU),
Reverse DNS: tc3.ptl.ru
Software: Apache/2.4.10 (Debian) /
Resource Hash: 54d0bf7d5ca422489033413e60ec49257e7365bba8ff49f0b284aedc5e057dbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Last-Modified: Sat, 27 Jun 2015 22:56:24 GMT
Server: Apache/2.4.10 (Debian)
ETag: "180e-51987c41b7441"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6158

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 1892 11 KB
5 KB 125ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 Jan 2022 18:37:20 GMT
expires: Sun, 16 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 35829
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 43ms
11ms Script
application/x-javascript 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:21:32 GMT
server: openresty
etag: "61a4d3dc-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Mon, 03 Jan 2022 16:34:29 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9506.31HJZKwcVDb47iQMfJgSEoRoQEyv9Q7-1EF6-VdfKv_umVLTFa05BJvZV3iKK5YV.sSTULM0SYHw0hU_hjbOG7MWPD74%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9506.ZdLwxbWJCW7XoCWsIejvGBxnTuMfNmvkietlOhReaXbop7c5_Efp1E9lMXOBtKgcW87uhrUTOOBMeXfPnaiVWg%2C%2C.3o9REQwZZUoUIMX2nWhQA3fkfCI%2C

75 B
75 B

31ms
31ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9506.ZdLwxbWJCW7XoCWsIejvGBxnTuMfNmvkietlOhReaXbop7c5_Efp1E9lMXOBtKgcW87uhrUTOOBMeXfPnaiVWg%2C%2C.3o9REQwZZUoUIMX2nWhQA3fkfCI%2C

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9506.ZdLwxbWJCW7XoCWsIejvGBxnTuMfNmvkietlOhReaXbop7c5_Efp1E9lMXOBtKgcW87uhrUTOOBMeXfPnaiVWg%2C%2C.3o9REQwZZUoUIMX2nWhQA3fkfCI%2C
date: Mon, 03 Jan 2022 04:34:29 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 32ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 03 Jan 2022 05:34:29 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 044B
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

12ms
12ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 56d647ad05efa43da978dfe0f5f90bbc990992d21dceb92b682eafa24d962732

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/

Response headers

server: openresty
date: Mon, 03 Jan 2022 04:34:29 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Mon, 03 Jan 2022 04:34:29 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0...
https://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D...

43 B
341 B

11ms
10ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&oE=1&oP=1&dT=2022-01-03T04%3A34%3A29.168&fu=7c72e38b-7062-4d7f-b221-c30695fbbe82
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=86166184&u=http%3A%2F%2Fancientrome.ru%2F&r=&rs=1600x1200&t=%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&oE=1&oP=1&dT=2022-01-03T04%3A34%3A29.168&fu=7c72e38b-7062-4d7f-b221-c30695fbbe82
Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 opensearch.js Show response
site.yandex.net/v2.0/js/ 22 KB
7 KB 32ms
32ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/opensearch.js

Requested by

Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6188
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "1df256fb3e065fdf3b47b6ac51380393"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jan 2022 16:30:22 GMT

GET
H2 200 search.png
site.yandex.net/v2.0/i/ 771 B
1 KB 32ms
31ms Image
image/png 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://site.yandex.net/v2.0/i/search.png

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

49c6ca26c2e3b18d1ef9f08f6f5eb5d3b26ebf13fd246e717072b9075df6fd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 771
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "95698da59d3786c4b32c0172ccf23009"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jan 2022 16:32:29 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 044B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B&crf=1

68 B
607 B

93ms
93ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007FD57CD26156058C0402402B0B&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 044B
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007FD57CD2611300C1AB029705DE

43 B
270 B

93ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007FD57CD2611300C1AB029705DE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007FD57CD2611300C1AB029705DE
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 044B
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FD57CD26156058C0402402B0B
https://px.adhigh.net/p/cm/sape?u=0100007FD57CD26156058C0402402B0B&bounced=1
https://acint.net/match?dp=17&euid=7G2f2Y1dZQI.AikABlF-HjehcA

43 B
269 B

12ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=7G2f2Y1dZQI.AikABlF-HjehcA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f18-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=7G2f2Y1dZQI.AikABlF-HjehcA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 044B 43 B
764 B 160ms
52ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Last-Modified: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Mon, 03 Jan 2022 10:34:29 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 044B
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4504447599
https://www.acint.net/rmatch?dp=45&euid=APE6Ghgx2HBAoqG0MiTbGNg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FD57CD26156058C0402402B0B

42 B
201 B

231ms
61ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Mon, 03 Jan 2022 04:34:29 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FD57CD26156058C0402402B0B
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 044B 0
819 B 53ms
26ms Image
text/plain 2606:4700:20::681a:4db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jueZbbcG8ORh5AcgPOaT0G3%2B190HFlFqUXdVuOO7Pcqf0qn2FT3uQca7s0Dc3XkumzqE1PcpjcVp82Sm4zLG6Omuc36tpmEBGZ%2BnV4yfQgf1o5vPQktgkQLXjbHFmf9%2BQJRfZRg%2FiQylqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6c7983d4e9471782-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 044B
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=ffcbd9b8-ff00-4382-af28-7486520955c7
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjV-cmOBlIEioaQK2IkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjV-cmOBlIEioaQK2IkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**

43 B
552 B

6ms
6ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx
ETag: 70b04834-6c4e-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARjV-cmOBmIkZmZjYmQ5YjgtZmYwMC00MzgyLWFmMjgtNzQ4NjUyMDk1NWM3ogEQcLBINGxOEeyG4AAlkMBkfA**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 044B 0
239 B 61ms
15ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FD57CD26156058C0402402B0B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 505
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 044B 3 KB
3 KB 171ms
53ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 044B 0
70 B 48ms
11ms Image
text/plain 116.202.236.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.236.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.228.236.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=111911c6-4073-4944-8552-6755732dd7f2

43 B
269 B

14ms
14ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=111911c6-4073-4944-8552-6755732dd7f2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=111911c6-4073-4944-8552-6755732dd7f2
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf9V80mFWBYwEAkArCw
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf9V80mFWBYwEAkArCw&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

11ms
10ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 044B
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B

43 B
115 B

64ms
15ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 Purmer, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Mon, 03 Jan 2022 04:34:29 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FD57CD26156058C0402402B0B
date: Mon, 03 Jan 2022 04:27:55 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 044B 42 B
201 B 296ms
55ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 044B 43 B
1019 B 249ms
62ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007FD57CD26156058C0402402B0B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back02
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=BWWBJFZC

43 B
269 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=BWWBJFZC
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=BWWBJFZC
Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 044B
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.213.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-213-228.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FD57CD26156058C0402402B0B&cs=1
date: Mon, 03 Jan 2022 04:34:29 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=YBu6R5F8kfRs

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=YBu6R5F8kfRs
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=YBu6R5F8kfRs
Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 044B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=76d2253f-b650-5303-bc67-5ec4ddb52211

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=76d2253f-b650-5303-bc67-5ec4ddb52211
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=76d2253f-b650-5303-bc67-5ec4ddb52211
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 044B
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=13fffd7abf5e43109bd6388a30ed5462

43 B
269 B

12ms
11ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=13fffd7abf5e43109bd6388a30ed5462
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=13fffd7abf5e43109bd6388a30ed5462
date: Mon, 03 Jan 2022 04:34:29 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru/p?ssp=sp&id=0100007FD57CD26156058C0402402B0B
https://www.acint.net/match?dp=111&euid=07f652ed-9cbb-4e85-b5f8-25a579c92642

43 B
269 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=07f652ed-9cbb-4e85-b5f8-25a579c92642
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Mon, 03 Jan 2022 04:34:29 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=07f652ed-9cbb-4e85-b5f8-25a579c92642
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.59
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 044B
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FD57CD26156058C0402402B0B
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1023628667
https://ut.rktch.com/matchspm?pi=1000006&pui=5.UmRpZeWkTmIcoDOvkkh.&noredirect

88 B
88 B

42ms
42ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=5.UmRpZeWkTmIcoDOvkkh.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
via: 1.1 google
last-modified: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=5.UmRpZeWkTmIcoDOvkkh.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

0.gif
x01.aidata.io/ Frame 044B
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FD57CD26156058C0402402B0B
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FD57CD26156058C0402402B0B
https://tech.rtb.mts.ru/?dsp_uid=58c11045-24a6-4a62-b51c-76b99278e510&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID

0
433 B

44ms
43ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 03 Jan 2022 04:34:28 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Mon, 03 Jan 2022 04:34:28 GMT

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=18b8d3a7-deda-4d96-4088-c2595bdac509

43 B
269 B

11ms
10ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=18b8d3a7-deda-4d96-4088-c2595bdac509
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=18b8d3a7-deda-4d96-4088-c2595bdac509
date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FD57CD26156058C0402402B0B
https://www.acint.net/match?dp=127&euid=Zm8Y2JPvhNhAf6ivYOg9

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=Zm8Y2JPvhNhAf6ivYOg9
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=Zm8Y2JPvhNhAf6ivYOg9
date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 044B
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=za3v44xm2p

43 B
269 B

11ms
10ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=za3v44xm2p
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=za3v44xm2p
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 5ec1f202-16a6-4a2b-a881-73f6f3816f10
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 044B 0
215 B 137ms
42ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007FD57CD26156058C0402402B0B
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 044B 0
189 B 211ms
53ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

404

WMEQRSSmSmK1HHa5knjlEA
an.yandex.ru/setud/mts_banner/ Frame 044B
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FD57CD26156058C0402402B0B
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FD57CD26156058C0402402B0B&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=2SuMky5N29MDH4u1LxHWKg
https://sm.rtb.mts.ru/match/second?ssp=51&exu=2SuMky5N29MDH4u1LxHWKg
https://tech.rtb.mts.ru/?dsp_uid=58c11045-24a6-4a62-b51c-76b99278e510&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FWMEQRSSmSmK1HHa5knjlEA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/WMEQRSSmSmK1HHa5knjlEA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D2SuMky5N29MDH4u1LxHWKg&sign=2434464838

43 B
176 B

39ms
39ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/WMEQRSSmSmK1HHa5knjlEA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D2SuMky5N29MDH4u1LxHWKg&sign=2434464838

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 04:34:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 03 Jan 2022 04:34:30 GMT

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/WMEQRSSmSmK1HHa5knjlEA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D2SuMky5N29MDH4u1LxHWKg&sign=2434464838
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 044B 0
523 B 6ms
6ms Image
text/html 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007FD57CD26156058C0402402B0B
an.yandex.ru/mapuid/sapeis/ Frame 044B
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B
https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B?redir-setuniq=1

43 B
108 B

32ms
32ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 04:34:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 03 Jan 2022 04:34:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 04:34:29 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007FD57CD26156058C0402402B0B?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 03 Jan 2022 04:34:29 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame DD20 187 B
404 B 123ms
98ms Document
text/html 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c7983d4eff8698b-FRA
content-encoding: gzip

GET
H2

200

1 Show response
mc.yandex.com/watch/12699646/
Redirect Chain

https://mc.yandex.com/watch/12699646?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-1251%...
https://mc.yandex.com/watch/12699646/1?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-125...

331 B
413 B

32ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/12699646/1?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A891546325266%3Ahid%3A518369605%3Az%3A0%3Ai%3A20220103043429%3Aet%3A1641184469%3Ac%3A1%3Arn%3A452755278%3Arqn%3A1%3Au%3A1641184469214268818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1641184468580%3Ads%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C380%2C%2C%2C%2C%2C%3Adsn%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C381%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641184469%3At%3A%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0d94ba0f408f83eeb9e0ad6cdf10a05446c311d9816f4acf5aa27638635ead82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 03-Jan-2022 04:34:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ancientrome.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 03-Jan-2022 04:34:29 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:29 GMT
last-modified: Mon, 03-Jan-2022 04:34:29 GMT
location: /watch/12699646/1?wmode=7&page-url=http%3A%2F%2Fancientrome.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A273%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A891546325266%3Ahid%3A518369605%3Az%3A0%3Ai%3A20220103043429%3Aet%3A1641184469%3Ac%3A1%3Arn%3A452755278%3Arqn%3A1%3Au%3A1641184469214268818%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1641184468580%3Ads%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C380%2C%2C%2C%2C%2C%3Adsn%3A50%2C38%2C61%2C1%2C0%2C0%2C%2C381%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641184469%3At%3A%D0%98%D0%A1%D0%A2%D0%9E%D0%A0%D0%98%D0%AF%20%D0%94%D0%A0%D0%95%D0%92%D0%9D%D0%95%D0%93%D0%9E%20%D0%A0%D0%98%D0%9C%D0%90&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://ancientrome.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 03-Jan-2022 04:34:29 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 134 KB
50 KB 84ms
48ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/cse_element__ru.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5c8d565ff2094a383ec715b87bc2a787d1913906358159751b7f232c9238c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "14482206957989104827"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Mon, 03 Jan 2022 04:34:29 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 39ms
38ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/ff97a008b4153450/default+ru.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 05:46:24 GMT
x-content-type-options: nosniff
age: 427685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 29 Dec 2022 05:46:24 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 39ms
38ms Image
image/png 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:32:10 GMT
x-content-type-options: nosniff
age: 252139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 31 Dec 2022 06:32:10 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 115ms
38ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 130ms
44ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ancientrome.ru&callback=_gfp_s_&client=ca-pub-6823977357041013

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6823977357041013&plah=ancientrome.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b4cb88493b23ebf66e76778662772feb89b18b43a86f273e1f236226a1db0dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ancientrome.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ancientrome.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5904 23 KB
10 KB 461ms
414ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3cdb06c133499ddedd1539771333e3c66302fe1d73453a1c8d41132dc1555e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 Jan 2022 04:34:29 GMT
server: cafe
content-length: 10056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 03 Jan 2022 04:34:29 GMT
cache-control: private

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame DD20 22 KB
7 KB 12ms
12ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 07:30:44 GMT
server: cloudflare
age: 59
etag: "0aa781bcf0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6c7983d598e2698b-FRA
content-length: 7430

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame DD20 43 B
389 B 159ms
61ms Image
image/gif 23.111.109.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FD57CD26156058C0402402B0B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.109.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 03:35:24 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 044B 15 KB
15 KB 105ms
105ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=296620334759513
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 044B
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD...

49 B
602 B

54ms
54ms

Image
image/gif

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.97699253157403&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 044B
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57C...

49 B
602 B

61ms
61ms

Image
image/gif

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=77254935676084.606431592927958&a=77&e=0100007FD57CD26156058C0402402B0B&pref=http%3A%2F%2Fancientrome.ru%2F&c=ss:77.up:0100007FD57CD26156058C0402402B0B.sync:up.xdua:duMVPBn2pNaqubu4E75E6gaE.xps:xps1Qyj4C0DR7iGgQKDxCN7Sp.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 5904 3 KB
2 KB 43ms
13ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpJMFpXSmpZV1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NDQ4MDgyNTQ4NDkyNDEwNjgvOTY5MDAzMi85OTU1OTkzLzQvZUh5N1FKZS1jbmZhdTBtVVNsSUZpNVJ6ekhidm85dlRJalZ4bnJLWWJrTS8xLzQvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NDQ4MDgyNTQ4NDkyNDEwNjgvenJoLzAvNjgzNy8yMy85OTkvMjU4LzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MTE4NDQ2OS8xNjQxMTk3MDY5LzQvcHViLTY4MjM5NzczNTcwNDEwMTMv/eAV-wPSW6pR8DZKhssey8BaO_q4&nodeid=234&group=zrh&auctionid=8544808254849241068&shardkey=8544808254849241068&sid=9955993&cid=9690032&bp=a_cjafhc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.133&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%26client%3Dca-pub-6823977357041013%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: aa5031349112d5455a60414bef773ca3bc2e895f23290106c8443e9323a3f8ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1641184469
Last-Modified: Mon, 03 Jan 2022 04:34:29 GMT
Server: MMBD/3.210.4
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x22, zrh-bidder-x31
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5904 2 KB
1 KB 139ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 04:29:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5904 119 KB
37 KB 168ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jan 2022 04:34:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5904 15 KB
7 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jan 2022 04:25:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5904 0
0 94ms
93ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrudW1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBL8BT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fNv4pulC5tuB5FstggsDS687XMV6yY5Dwt7kLVnoFLYLoNJGm2NOABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02ODIzOTc3MzU3MDQxMDEzGAA&sigh=REOoHZKZFAY&uach_m=[UACH]&cid=CAQSGwCNIrLMVMW-L1Dpxav0T1Mj-n3aC6oyU4AMaBgB&tpd=AGWhJmtYI9JKY_dOir27DO3uQLSeKB1dumO63AN9rTR5VToLKpf679TDiJQvq5gnLx9aeHm6xc4C-49Yucb2ivwoyvrhKypnO2UY4mnJko6X2ocvzV-MEb0cleTVxtevbhKqwktz83koO0IpD5yJ1kIvFAlzB2gxDY53d_SXJdVt_CsJMAPl45y-IjQEcUnh8qaKN8ThD3HS-B-36p6ehYDPBnvyGZ8Fh-k7TYkapIe1BsWR6LBUvFLWcXTlndOh3mD1akYzUxgY8a18qmlHb17ZEZh6I74J9RBOb8_VRxq0sVoqiV_C2-EaMHnXXKcf4Hy4tjRNmhoAv5FAsB4bO9NNbVFWrEPN9apKxZzdRabM10W8ejm-_L-8Hf53MlWGRF6GMaLOQ6B3C3eZf03izOhW9uVjvle65awMGYZOTyRemoxHidG8hKBWPvwyx8xBHq2yRRtJGJr-hAGAiAKJ0YObhJnNn1oxnTxAU9EqX0ayJA1_-6dqROaTXxEJZ59mEZmuBghEonbbO7oUAkgEOy_Q3h5hTQKRVIPYjFhkHP5vS1KD9EtgYExsc9v24WCEHfU7zW1cvAnzDeBGl_aohGBbGeC79c4uwl8HgREQZV4C3aXejh_0CUGr8QgVb9oJnG6U94pT5fPGhKydZmeuZE1os9CdTLk8v2a82FvXZXuxSV2MCd76QClsbD47_khQD853bYJCmpLkRa3Ow0wYRiOk-f4yInvwwp5b5q2D8DXvfZ8ktW5TI_hd0PVghrJvBL9plm_Slkpyc0X7lefGWKVy1-ptd2Tp2XzBSRW1guXkX2b1XZ6rRA04gFFftzLWk4eXrwm4vyfFIQH7nwjv9ea4MP2p5mXu4xiU4ELO5GBFeiPjYpAA6BbFHvaT0HjYj5cSNmuEgav9OiJA1HrzyNXnayYRut9QaaGhA2ZiUiuLtaL32V0zkcLdl4NHifJ5pWuzqvTV4JK7QGscgPiHnfXdzkiQH2LLHLTOB-THe9uZykccGgB285KNLMAf0Izwrhuy97ph6k18uVRfBdQMS4dQ0fCvLcJYu4NmR0qR0qUzo4kU6sJiXruG8ii8jMgadRNH08hQhVhC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 03 Jan 2022 04:34:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK qdxf4l9d1c32 Show response
hal9000.redintelligence.net/zone/ Frame 5904 10 KB
3 KB 49ms
17ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/qdxf4l9d1c32?subid=&gdpr=1&gdpr_consent=li&rnd=8544808254849241068&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8544808254849241068%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_cid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%2526client%253Dca-pub-6823977357041013%2526adurl%253D%26redirect%3D
Requested by: Host: ancientrome.ru
URL: http://ancientrome.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: cc6c13b0979c38ed7c9c52ba7885cf09f58222a017c4536ee3ddfc5bcac520aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3272
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 5904 49 B
329 B 35ms
13ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8544808254849241068&node_id=234&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpJMFpXSmpZV1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NDQ4MDgyNTQ4NDkyNDEwNjgvOTY5MDAzMi85OTU1OTkzLzQvZUh5N1FKZS1jbmZhdTBtVVNsSUZpNVJ6ekhidm85dlRJalZ4bnJLWWJrTS8xLzQvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NDQ4MDgyNTQ4NDkyNDEwNjgvenJoLzAvNjgzNy8yMy85OTkvMjU4LzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MTE4NDQ2OS8xNjQxMTk3MDY5LzQvcHViLTY4MjM5NzczNTcwNDEwMTMv/eAV-wPSW6pR8DZKhssey8BaO_q4&nodeid=234&group=zrh&auctionid=8544808254849241068&shardkey=8544808254849241068&sid=9955993&cid=9690032&bp=a_cjafhc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.133&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%26client%3Dca-pub-6823977357041013%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x83, zrh-bidder-x31
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 5904 7 KB
3 KB 164ms
33ms Script
text/javascript 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//ancientrome.ru&ui=624ebcad-0000-0000-0000-000000000000&ap=&ti=8544808254849241068&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&sr=4&de=43003&si=670553357&dm=300x600&ac=1040879&cr=9690032&ai=215543&c1=9955993&r1=2a03:1b20:6::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpJMFpXSmpZV1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NDQ4MDgyNTQ4NDkyNDEwNjgvOTY5MDAzMi85OTU1OTkzLzQvZUh5N1FKZS1jbmZhdTBtVVNsSUZpNVJ6ekhidm85dlRJalZ4bnJLWWJrTS8xLzQvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NDQ4MDgyNTQ4NDkyNDEwNjgvenJoLzAvNjgzNy8yMy85OTkvMjU4LzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MTE4NDQ2OS8xNjQxMTk3MDY5LzQvcHViLTY4MjM5NzczNTcwNDEwMTMv/eAV-wPSW6pR8DZKhssey8BaO_q4&nodeid=234&group=zrh&auctionid=8544808254849241068&shardkey=8544808254849241068&sid=9955993&cid=9690032&bp=a_cjafhc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.133&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%26client%3Dca-pub-6823977357041013%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-227-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

34297bbdee19997fa6a9b243bba8d2e0508285147644bee9100aa2dd42dff4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2965
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 5904 43 B
405 B 47ms
32ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8544808254849241068&v3=1040879&v4=9955993&v5=9690032&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpJMFpXSmpZV1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NDQ4MDgyNTQ4NDkyNDEwNjgvOTY5MDAzMi85OTU1OTkzLzQvZUh5N1FKZS1jbmZhdTBtVVNsSUZpNVJ6ekhidm85dlRJalZ4bnJLWWJrTS8xLzQvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NDQ4MDgyNTQ4NDkyNDEwNjgvenJoLzAvNjgzNy8yMy85OTkvMjU4LzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MTE4NDQ2OS8xNjQxMTk3MDY5LzQvcHViLTY4MjM5NzczNTcwNDEwMTMv/eAV-wPSW6pR8DZKhssey8BaO_q4&nodeid=234&group=zrh&auctionid=8544808254849241068&shardkey=8544808254849241068&sid=9955993&cid=9690032&bp=a_cjafhc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.133&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%26client%3Dca-pub-6823977357041013%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 5904 49 B
329 B 46ms
23ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8544808254849241068&st=9955993&time=1641184469&nodeid=234
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpJMFpXSmpZV1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1NDQ4MDgyNTQ4NDkyNDEwNjgvOTY5MDAzMi85OTU1OTkzLzQvZUh5N1FKZS1jbmZhdTBtVVNsSUZpNVJ6ekhidm85dlRJalZ4bnJLWWJrTS8xLzQvMC8wLzE3MzQ5NDUvMC8yMTU1NDMvMTA0MDg3OS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1NDQ4MDgyNTQ4NDkyNDEwNjgvenJoLzAvNjgzNy8yMy85OTkvMjU4LzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MTE4NDQ2OS8xNjQxMTk3MDY5LzQvcHViLTY4MjM5NzczNTcwNDEwMTMv/eAV-wPSW6pR8DZKhssey8BaO_q4&nodeid=234&group=zrh&auctionid=8544808254849241068&shardkey=8544808254849241068&sid=9955993&cid=9690032&bp=a_cjafhc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.133&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%26client%3Dca-pub-6823977357041013%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x72, zrh-bidder-x31
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 03 Jan 2022 04:34:28 GMT

GET
H/1.1 200
OK request.php Show response
hal900015.redintelligence.net/ Frame 5904 613 B
772 B 87ms
51ms Script
application/x-javascript 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=c3fd7409a3&subid=&uid=66c293f00ab2be08&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8544808254849241068%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_cid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%2526client%253Dca-pub-6823977357041013%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6823977357041013%26output%3Dhtml%26h%3D600%26slotname%3D9748514512%26adk%3D2282830014%26adf%3D2209427468%26pi%3Dt.ma~as.9748514512%26w%3D300%26lmt%3D1641184469%26psa%3D0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fancientrome.ru%252F%26flash%3D0%26wgl%3D1%26dt%3D1641184469111%26bpp%3D1%26bdt%3D379%26idt%3D233%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6616527211461%26frm%3D20%26pv%3D2%26ga_vid%3D1383487822.1641184469%26ga_sid%3D1641184469%26ga_hid%3D2031283866%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C31063825%252C31062930%26oid%3D2%26pvsid%3D553686927995087%26pem%3D317%26tmod%3D263%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CenEr%257C%26abl%3DNS%26pfx%3D0%26fu%3D32768%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DoQyjBhCEz1%26p%3Dhttp%253A%2F%2Fancientrome.ru%26dtd%3D249&ancestorOrigins=null&random=3572398238961&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/qdxf4l9d1c32?subid=&gdpr=1&gdpr_consent=li&rnd=8544808254849241068&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8544808254849241068%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_cid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%2526client%253Dca-pub-6823977357041013%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 64a95703173422fa562bbb77f9e3cc619d6fff2032f86a77a7c92c9a42380e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 97730800038705903891616011828015
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Mon, 03 Jan 2022 04:34:29 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame 9B00 4 KB
2 KB 33ms
11ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=qdxf4l9d1c32&nw=20&renderingType=javascript&namespace=c3fd7409a3&subid=&uid=66c293f00ab2be08&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8544808254849241068%26mt_id%3D9690032%26mt_adid%3D215543%26mt_sid%3D9955993%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_cid%3D941461d2-7cd5-4b01-b53e-cc8d3eb41bd3%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVoAz1XzSYbafGpHQgQf-xIOoAs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTY4MjM5NzczNTcwNDEwMTPIAQmoAwGqBMIBT9CZs2jrZ7PNQhT6VAMC_7JmCv5W6sQZFaoOTaFWvRdcT6Uy1rr3-dDxHP0F1EPdh7-ORHmGKKzZ79yFWI1rsXF1-StWyG5jXQ48kQCEjgeJL_XWYf1tjKGrgPPiD7uJyfO0IGOYizmwCtfPZEe_UYuAI0og4iZbBYWY9y9zE6SUR0rCveN9JI0WaiBrnhVGr54nPGwgX95fdPwIKPwFEuf0soPLWoB9G9PDO-K4TYgRCnlL-YCkM67wmgga315H-4mABvX8rYT-u5mIhQGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0Zo2_cgibCwyvoRlxWtUyzp6sMmA%2526client%253Dca-pub-6823977357041013%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6823977357041013%26output%3Dhtml%26h%3D600%26slotname%3D9748514512%26adk%3D2282830014%26adf%3D2209427468%26pi%3Dt.ma~as.9748514512%26w%3D300%26lmt%3D1641184469%26psa%3D0%26format%3D300x600%26url%3Dhttp%253A%252F%252Fancientrome.ru%252F%26flash%3D0%26wgl%3D1%26dt%3D1641184469111%26bpp%3D1%26bdt%3D379%26idt%3D233%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6616527211461%26frm%3D20%26pv%3D2%26ga_vid%3D1383487822.1641184469%26ga_sid%3D1641184469%26ga_hid%3D2031283866%26ga_fc%3D0%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D-12245933%26ady%3D-12245933%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750773%252C31063825%252C31062930%26oid%3D2%26pvsid%3D553686927995087%26pem%3D317%26tmod%3D263%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CenEr%257C%26abl%3DNS%26pfx%3D0%26fu%3D32768%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DoQyjBhCEz1%26p%3Dhttp%253A%2F%2Fancientrome.ru%26dtd%3D249&ancestorOrigins=null&random=3572398238961&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5a73a701a2bb5c002032dd1a8fcb9d073977cc4486d1e4a72f4174bb3a67ba3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 03 Jan 2022 04:34:30 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 03 Jan 2022 04:34:30 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1433
Connection: close
Content-Type: text/html; charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 107ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?oz_pl=1&ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//ancientrome.ru&ui=624ebcad-0000-0000-0000-000000000000&ap=&ti=8544808254849241068&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&sr=4&de=43003&si=670553357&dm=300x600&ac=1040879&cr=9690032&ai=215543&c1=9955993&r1=2a03:1b20:6::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.43.1/ Frame 5904 154 KB
48 KB 39ms
39ms Script
text/javascript 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.43.1/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//ancientrome.ru&ui=624ebcad-0000-0000-0000-000000000000&ap=&ti=8544808254849241068&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&sr=4&de=43003&si=670553357&dm=300x600&ac=1040879&cr=9690032&ai=215543&c1=9955993&r1=2a03:1b20:6::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-227-251.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:29 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48454
Expires: Thu, 11 Sep 2053 05:14:41 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9B00 766 B
874 B 68ms
18ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51990298;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal900015.redintelligence.net%2Fc%2Fphqzhpupmark34e%3Ftprde%3D

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

32b955dda2a2bfa602c94edbe785be97323df1ef4c3a06cdab5b2f855bb1f0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 559
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame 9B00 0
150 B 33ms
12ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=97730800038705903891616011828015&a=efb4e1c8&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 04:34:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?oz_pl=1&ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//ancientrome.ru&ui=624ebcad-0000-0000-0000-000000000000&ap=&ti=8544808254849241068&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&sr=4&de=43003&si=670553357&dm=300x600&ac=1040879&cr=9690032&ai=215543&c1=9955993&r1=2a03:1b20:6::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9B00 33 KB
16 KB 80ms
19ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51990298;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal900015.redintelligence.net%2Fc%2Fphqzhpupmark34e%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 04 Jan 2022 07:25:45 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 43ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184470195&oz_l=987&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 28d5ffbc-73db-47b9-8f43-85273a120044
https://googleads.g.doubleclick.net/ Frame 1038 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6823977357041013&output=html&h=600&slotname=9748514512&adk=2282830014&adf=2209427468&pi=t.ma~as.9748514512&w=300&lmt=1641184469&psa=0&format=300x600&url=http%3A%2F%2Fancientrome.ru%2F&flash=0&wgl=1&dt=1641184469111&bpp=1&bdt=379&idt=233&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=6616527211461&frm=20&pv=2&ga_vid=1383487822.1641184469&ga_sid=1641184469&ga_hid=2031283866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31062930&oid=2&pvsid=553686927995087&pem=317&tmod=263&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CenEr%7C&abl=NS&pfx=0&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&xpc=oQyjBhCEz1&p=http%3A//ancientrome.ru&dtd=249
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9B00 3 KB
2 KB 19ms
18ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=51990298;gdpr=1;gdpr_consent=li;click=https%3A%2F%2Fhal900015.redintelligence.net%2Fc%2Fphqzhpupmark34e%3Ftprde%3D;js=1;adfxid=1x;4135;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fancientrome.ru

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

47c65b292454c37d7a9811ff93023bac3ab86b1630ae7d8522849df61b8c1d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1813
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 9B00 43 B
208 B 17ms
17ms Image
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?adfserve=22&asset=87&sid=276&rid=10528&cid=33528

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=97730800038705903891616011828015&a=e9e8a754

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Thu, 29 Nov 2018 08:06:42 GMT
server: nginx
etag: "5bff9e12-2b"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
DATA 200
OK truncated
/ Frame 9B00 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 95ms
51ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f059e184ceebb1d6ec8cc17f9c088baeb11d644cc6b2f66515921ba692216ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8476
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
27ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184470350&oz_l=6092&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 9B00 90 KB
39 KB 31ms
30ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 14:23:05 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 04 Jan 2022 07:26:08 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9B00 35 B
478 B 18ms
18ms Ping
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51990298&csi=vB0B49M4RTNBoh2Uc_G20tg2wm148Z0qi7Adx6ZWHcnZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900015.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900015.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 100ms
50ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 03 Jan 2022 04:34:30 GMT

GET
H2 200 10664241.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664241/ Frame 37B0 3 KB
1 KB 19ms
19ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/10664241.js?ADFassetID=10664241&bv=258

Requested by

Host: ancientrome.ru
URL: http://ancientrome.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a690f1fcff52754b56aa6d27b066ee2111de2e9f3d19a4770cc56bb3d28ba7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: W/"61b705ba-c8a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
DATA 200
OK truncated Show response
/ Frame 9B70 28 B
28 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H2 200 screen.css
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 1 KB
884 B 19ms
19ms Stylesheet
text/css 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/screen.css

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5b28389dc03cfd208c66dc5653f034f3d040a72efd37f8d7acb31529e1600ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: W/"61b705ba-567"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 37B0 30 KB
13 KB 21ms
21ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 introfill.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 117 B
413 B 22ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/introfill.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-75"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 117

GET
H2 200 stoerer.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 18 KB
18 KB 24ms
24ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/stoerer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bcd7bf5152e0605db166504df8069ea83e582abc6d52c6c12049d6523845ca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-4683"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 18051

GET
H2 200 text1.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 10 KB
10 KB 26ms
25ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/text1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0713699aca94b9d5819e24ac2af25ceaf5f9dc9e3668fdbcdf70afad69b2fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-2717"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 10007

GET
H2 200 banderole.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 17 KB
17 KB 29ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/banderole.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a94da9e7347675cfb4bf03d63b6a9afdf57ec0d8563e27dc156a8235d416b007

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-4212"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 16914

GET
H2 200 disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 4 KB
4 KB 29ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/disclaimer.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

83fad3d0eacad374c4cedc1a20c658d158cb8361a999d6ff07cc9737ce48d94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-1034"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4148

GET
H2 200 date.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 3 KB
3 KB 30ms
28ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/date.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ce820dfefa309b42b44828b75b5c02209f77b6954502f7c768c716eb188b33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-c56"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3158

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 3 KB
3 KB 37ms
36ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8b529950cd70b53d3195c64edd6c5f0f0d57eed73b9bf1ba3500385ef0199ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-a7b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2683

GET
H2 200 logostart.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 8 KB
8 KB 37ms
36ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/logostart.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

408f64262d1deb852fea837ac48ef40b1ca92c52f66f741025ad4189bdfc5713

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-1eee"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7918

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 5 KB
6 KB 38ms
37ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/logo.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5ff4e4c8817ae7479cea3cad94dd7afcaa1538403231910b8a58177b0aaa7290

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-1505"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5381

GET
H2 200 model.jpg
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 49 KB
49 KB 41ms
40ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/model.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0ed44b4d8ee64ffe3e8c854d698d9d4863dafa2f74f17bc23be35c25976995f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-c372"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 50034

GET
H2 200 background.jpg
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 20 KB
21 KB 50ms
49ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/background.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e9882d514bffbd838e05301b208c13fbfdc9d6c39648b41a5a7320b134bf7448

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: "61b705ba-51e0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 20960

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 37B0 38 KB
14 KB 32ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3575048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13669
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8cVOjxoMqbmbXOh0gSfsbd2IGsjtoFqWy32yppiYz0vfLMExWpNuJdkaMYdf6isWj5XhyCliF7y7Ct%2FuEbchWp71Z7lWSox0E0nTCoSgwIp8ZtALtqNCB4xVdzhVPQgg%2FdFZVJBTpLQQRIMZH28u7hF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c7983dca93205bb-FRA
expires: Sat, 24 Dec 2022 04:34:30 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 37B0 5 KB
2 KB 33ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1135232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1730
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwTfAL0U8Q1TR%2Bm7NkIOs0TOCCXeW%2BldoVlirNhmTzO6wcPyI0V4XC5F%2FfF5Dhlb8csrKXKRlBbH6p%2FkigqKVURSiM%2FfskiS1GiC2JmR0kJJX7YOOJcTCoepwm704SyGITcpWz0LN8CRZ5djYBUpj6Im"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c7983dca93305bb-FRA
expires: Sat, 24 Dec 2022 04:34:30 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 37B0 26 KB
9 KB 33ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4780855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8578
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlHfSycDP9m5YM0JfxxNH5nO7EFbmsr%2BTjPHyDedAFZhlwWesbe7BIyidVRsnZulo8YcUDg%2BUyYqfsCbB2BMvZcP8GEtFD16gsWjnOIe%2B%2BXYMnhoQG2Mj0XkFYNu6haxZEcB6lRFOidst9AZ3h6kel31"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c7983dca93405bb-FRA
expires: Sat, 24 Dec 2022 04:34:30 GMT

GET
H2 200 script.js Show response
s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/ Frame 37B0 7 KB
1 KB 50ms
50ms Script
application/x-javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/160090/10664241/bvpath_258/script.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.212/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ea8f10600b8364f8d73d995971cac083e3470cdbf3828cdb0da4ccf3e8035b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 08:35:06 GMT
server: nginx
etag: W/"61b705ba-1c12"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
27ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184470543&oz_l=5823&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F291 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 03 Jan 2022 03:44:15 GMT
expires: Tue, 03 Jan 2023 03:44:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3F42 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae8968bec2e590ea3a8423bde4ccd55ee2656f627d34cd316770c6a02c2f1a24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mqpwyy3Fa4XLBInGlLvtTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 03 Jan 2022 04:34:30 GMT
date: Mon, 03 Jan 2022 04:34:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Mqpwyy3Fa4XLBInGlLvtTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame F291 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 12:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Jan 2023 12:48:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3F42 0
0 62ms
61ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=553686927995087&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184470715&oz_l=361&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:29 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=553686927995087&bg=!mZqlmt7NAAZKWFskSlg7ACkAdvg8WhHUGcuM2wmBFMSTWSHNv88AmymTtf4Hm2LqrQzTFjQywMktrQIAAABEUgAAAAhoAQeZAqppS7xbcuvqZqQ1ACt2-KfRhJ0nOVeg8-ZP4VEPOLpuADxALLZx0SdCvn7zovojEBNUD3yQrDtm_3zrGNrPD3ubIRfhuIvxS7SLGHUKSl04XNajCqhXyF5Ze7Kw1ZynxOjKuSylsqOfAzJk2uKCJz-TgtjPmbuaDfsTyEroOi0Vz5AIvvcl49sk1xPGo99VogE92aU_QxGT_guPuB7QBXRGNKlj8xJ5FQyGFUsrWyyNAKqSON8k4xxHYRtdJjrIzHjiTKi0BBl5Af7yxujNRvPrwuA6a5axg921cUAVyxAuUE74WhqXWz18mPMScuonmuqKryWLWyME8HfU1zEwPUDh78mmMNwO1Y6ueR3GFlolULrwzWQQRYzuxQIp8-bOD-opYQ4Qe-NdkYMK-79F9sgRACuYddw1Jlgq_r0jaXag3jjhZ2kbHUnw_hY6d23C6qDsLhqC6oNCzdPobl72pcKICtfeMgY8lec1MuYGuXNleUfoMaxldDxR2H3cz7pVg9f1CrctKtiCr6WBGSGCAGnLmUP9m3K2Di5mMS74W2O1M_Jfm4kFAO96BktlCndJyyCL0KV7435-3ipkPDhnCWH7tejHD39MtLBmPbGU6yun4tyG7Cedj2q-ZLexjqMUKuIqAQmMosIEHkFEGPAQzVQ5vUErV9W7vjZNXxzk4CD7Pkpi_ljm6LSG_epc4NzCOGng3Sm6cqmcL4O534fcFPMPvXc9ubY7Is3SBNhbsXumPdQkQ1HbN3TZpdGfFqiPSmCdeAf34AVQeav3p8lH49N5P6dZaDHSdzsvjmhTQypDxPn8M0M0P2QbRsf7QH8o1QQtGFp57goufJPtnCHRy7OrKVh_BazF9xHo7cGOY2pM2kSjRQNFclv54ZwbGnNufEDywfSdWXezU4bd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 04:34:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK c2dada59-3aaf-47e1-bcb3-8de5977594f6
https://googleads.g.doubleclick.net/ Frame 5904 773 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/c2dada59-3aaf-47e1-bcb3-8de5977594f6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5aaeab37a6a8698e66682cf5576863ba82b78e6bdf486dd90ba40ed00358856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 773

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184470878&oz_l=2740&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
26ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184471048&oz_l=2407&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/ Frame 5904 0
145 B 27ms
27ms XHR
text/plain 52.212.227.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.43.1/619621/AQALl5oHEA0vLp-P/postback?ti=8544808254849241068&ai=215543&c1=9955993&r3=&dt=6196211556140246740000&di=http%3A%2F%2Fancientrome.ru&ap=&sr=4&cr=9690032&r1=2a03%3A1b20%3A6%3A%3A&pd=avt&ui=624ebcad-0000-0000-0000-000000000000&de=43003&dm=300x600&ci=619621&pv=1efb6099-9b13-4528-a1d8-2bbd214d5662&pp=pub-6823977357041013&si=670553357&ac=1040879&r2=&sid=AQALl5oHEA0vLp-P&oz_sc=73511ed6d43c861fc8135e12&oz_df=1641184471204&oz_l=776&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.43.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.227.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-227-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jan 2022 04:34:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171
https://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171

43 B
224 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171
Protocol: H2
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://ancientrome.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:34:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=3d1e0efb-d22c-441d-a538-f63dd54650b7&dp=10&tz=%2B00%3A00&nc=88932940&dT=2022-01-03T04%3A34%3A32.171
Date: Mon, 03 Jan 2022 04:34:32 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

90 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ancientrome.ru/	1970-03-25 15:58:30	Name: ip Value: 185.213.155.176
.ancientrome.ru/	1970-01-20 08:38:40	Name: _ym_uid Value: 1641184469214268818
.ancientrome.ru/	1970-01-20 08:38:40	Name: _ym_d Value: 1641184469
.mc.yandex.com/	1970-01-19 23:53:05	Name: sync_cookie_csrf Value: 1278409673fake
ancientrome.ru/	1978-01-11 21:31:40	Name: fid Value: 7c72e38b-7062-4d7f-b221-c30695fbbe82
.ancientrome.ru/	1970-01-19 23:54:16	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 23:53:05	Name: sync_cookie_csrf Value: 750929546fake
.acint.net/	1970-01-19 23:53:05	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHSfNUEjAVWCytAAgm9dHc76Bd97fHKzPhAtgMgiwWy
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp7v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp14v3 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp17 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp32 Value: 1641184469
.acint.net/	1970-01-19 23:54:30	Name: cSyncDp45v3 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp53 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp54v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp62 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp67v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp68 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp71 Value: 1641184469
.acint.net/	1970-01-20 00:13:14	Name: cSyncDp77 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp84 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp85 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp88 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp95v3 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp101 Value: 1641184469
.acint.net/	1970-01-20 00:13:14	Name: cSyncDp104v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp107 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp110 Value: 1641184469
.acint.net/	1970-01-20 00:13:14	Name: cSyncDp111v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp112v2 Value: 1641184469
.acint.net/	1970-01-20 00:14:40	Name: cSyncDp125v2 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp126 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp127 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp129 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp136 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp138 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp144 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp146 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp149 Value: 1641184469
.acint.net/	1970-01-20 00:36:16	Name: cSyncDp151 Value: 1641184469
.yandex.com/	1970-01-20 08:38:40	Name: yandexuid Value: 3597291251641184469
.yandex.com/	1970-01-20 08:38:40	Name: yuidss Value: 3597291251641184469
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1272235361641184469
.yandex.com/	1970-01-23 15:29:04	Name: i Value: 9id6tDGYSCiXqmuhyIOe9k8vsEZkvWcnhNpY7W/4VEpRfD4uLnHaTCD6ELgFVBQKeC/cJCeLjNbmXQMJyHas1JXQam4=
.yandex.com/	1970-01-20 08:38:40	Name: ymex Value: 1672720469.yrts.1641184469#1672720469.yrtsi.1641184469
.utraff.com/	1970-01-20 00:36:27	Name: preutid Value: 1
.ancientrome.ru/	1970-01-19 23:53:06	Name: _ym_visorc Value: w
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHSfNWrwQAT3gWXAikiWMcl3NhktHVodxtu7v6wWDsE
.upravel.com/	1970-01-19 23:53:04	Name: session_tptc Value: 1641184469348
.upravel.com/	1970-01-23 15:29:04	Name: user_id Value: 111911c6-4073-4944-8552-6755732dd7f2
.adhigh.net/	1970-01-20 08:38:40	Name: gi_u Value: 7G2f2Y1dZQI.AikABlF-HjehcA
.mail.ru/	1970-01-20 08:40:06	Name: VID Value: 1vp7s80MefI700000Z16H4I7:::0-0-0-6ecd595:CAASEEqEvo8JNDXQnYL15lKsqVsaYA68iODDXpB5XKR0JLjpHBH2Y3qQBbyDk7IGkyKwJID4F6nZHT7ONdHVczButREoErsTfrSQjVYqC59JzwyrDgubGu8Xu-rnyXb9ss_KGb-S5t7cbDFBZMv2pYWFyOYOzA
.republer.com/	1970-01-20 08:38:40	Name: ruid Value: ffcbd9b8-ff00-4382-af28-7486520955c7
.adhigh.net/	1970-01-20 08:38:40	Name: sape_sync Value: j8l
.adriver.ru/	1970-01-20 17:24:16	Name: cid Value: APE6Ghgx2HBAoqG0MiTbGNg
.1dmp.io/	1970-01-20 08:38:40	Name: uid Value: 70a51a40-6c4e-11ec-ae6b-901b0ea4a41b
.ancientrome.ru/	1970-01-20 09:14:40	Name: __gads Value: ID=53f377b132210797-222b5ece14cd0020:T=1641184469:RT=1641184469:S=ALNI_MadF7UkGvN3Td9JpkLRFgBD8LoYLw
.doubleclick.net/	1970-01-20 09:14:40	Name: IDE Value: AHWqTUls0tGTLIhufjWM8Z1pTbf1aJphWzgi4081hD0-JfO7nyuIxEfm2atsBB0zdGg
.betweendigital.com/	1970-01-20 08:38:40	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:38:40	Name: ss Value: 1
.adsniper.ru/	1970-01-27 07:05:04	Name: uuid3 Value: IiQ3MGIwNDgzNC02YzRlLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.advarkads.com/	1970-01-20 17:24:16	Name: u Value: EAK8RNxpx0OPURWxNYqoeA
.bumlam.com/	1970-01-27 07:05:04	Name: suuid3 Value: IiQ3MGIwNDgzNC02YzRlLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.relap.io/	1970-01-23 15:29:04	Name: unique Value: ScTdcAU9
.relap.io/	1970-01-23 15:29:04	Name: fsts Value: 1641184469
.relap.io/	1970-01-23 15:29:04	Name: lsts Value: 1641184469
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 46e0f1e0427d7b0f98f3db2cc9ede113fbf4c5ac--b64ba06a7c4f6ddc2d5d12ed43a1df0a4e6f2bf419379c346583bf619dbe9ccc
.relap.io/	1970-01-19 23:54:30	Name: hllc Value: 1
.relap.io/	1970-01-20 08:38:40	Name: rlpsprcs Value: eyJ1aWQiOiIwMTAwMDA3RkQ1N0NEMjYxNTYwNThDMDQwMjQwMkIwQiIsInRzIjoxNjQxMTg0NDY5fQ--ca57070f58ac4f9d14b49fb939febcdf7cde3a3f0b947c500bc20bb29e9189cc
.uuidksinc.net/	1970-01-20 08:38:40	Name: jcsuuid Value: Zm8Y2JPvhNhAf6ivYOg9
.betweendigital.com/	1970-01-20 08:38:40	Name: tuuid Value: 76d2253f-b650-5303-bc67-5ec4ddb52211
.betweendigital.com/	1970-01-20 08:38:40	Name: ut Value: YdJ81QAJpMAYrBv3N0PrZDfn0zZVHd9DJmBSyQ==
.rktch.com/	1970-01-20 00:36:16	Name: b_uid Value: a07b9af05f7a52a05730b630102440f10e80
.mts.ru/	1970-01-20 08:25:42	Name: dspid Value: 58c11045-24a6-4a62-b51c-76b99278e510
.rutarget.ru/	1970-01-20 04:12:16	Name: userId Value: YBu6R5F8kfRs
ssp.bidvol.com/	1970-02-13 20:24:28	Name: bvuid Value: za3v44xm2p
.weborama.fr/	1970-01-20 09:24:45	Name: AFFICHE_W Value: spywKYvGtCey66
.ops.beeline.ru/	1970-01-20 08:25:42	Name: BeeAID Value: 07f652ed-9cbb-4e85-b5f8-25a579c92642
.yandex.ru/	1970-01-23 15:29:04	Name: yuidss Value: 853234331641184469
.yandex.ru/	1970-01-23 15:29:04	Name: yandexuid Value: 853234331641184469
.aidata.io/	1970-01-20 17:24:16	Name: __upin Value: 2SuMky5N29MDH4u1LxHWKg
.aidata.io/	1970-01-20 17:24:16	Name: __upints Value: 1641184469
.doubleclick.net/	1970-01-19 23:53:05	Name: test_cookie Value: CheckForPermission
x01.aidata.io/	1970-01-19 23:57:23	Name: mts Value: 1
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWHSfNWhliPcngNEAg==
.mathtag.com/	1970-01-20 08:38:40	Name: uuid Value: 941461d2-7cd5-4b01-b53e-cc8d3eb41bd3
.mts.ru/	1970-01-23 14:17:04	Name: mts_id Value: b4a6ff16-62db-4acd-bffc-6c31612e82b5
.mts.ru/	1970-01-23 14:17:04	Name: mts_id_last_sync Value: 1641184469
.dmg.digitaltarget.ru/	1970-01-21 01:48:16	Name: viuserid Value: zqSZOkhYr0g55aB7ewZN

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://ancientrome.ru/(Line 665) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://an.yandex.ru/system/context.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://ancientrome.ru/(Line 665) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://an.yandex.ru/system/context.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9506.ZdLwxbWJCW7XoCWsIejvGBxnTuMfNmvkietlOhReaXbop7c5_Efp1E9lMXOBtKgcW87uhrUTOOBMeXfPnaiVWg%2C%2C.3o9REQwZZUoUIMX2nWhQA3fkfCI%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/WMEQRSSmSmK1HHa5knjlEA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3D2SuMky5N29MDH4u1LxHWKg&sign=2434464838 Message: Failed to load resource: the server responded with a status of 404 ()
worker	error	URL: blob:https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/28d5ffbc-73db-47b9-8f43-85273a120044' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007fd57cd26156058c0402402b0b-sp.ops.beeline.ru
111911c6-4073-4944-8552-6755732dd7f2.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
ancientrome.ru
api.advarkads.com
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
code.jquery.com
cse.google.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.update.mediamathtag.com
s.uuidksinc.net
s1.adform.net
s3.advarkads.com
sape-sync.rutarget.ru
site.yandex.net
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
tag.digitaltarget.ru
tags.mathtag.com
tech.rtb.mts.ru
tpc.googlesyndication.com
track.adform.net
ut.rktch.com
www.acint.net
www.google.com
www.googletagservices.com
x01.aidata.io
yastatic.net
109.248.237.36
116.202.236.228
116.202.82.143
138.201.135.164
142.250.184.226
148.251.236.118
148.251.78.49
185.147.80.35
185.15.175.130
185.15.175.147
185.29.132.246
193.232.150.45
194.190.117.93
195.201.243.71
195.209.108.51
2.18.233.201
2001:4de0:ac18::1:a:1b
213.170.65.253
213.87.44.187
216.58.212.130
217.65.2.150
217.66.147.163
23.111.109.220
2606:4700:10::6816:457
2606:4700:20::681a:4db
2606:4700::6810:125e
2a00:1148:db00::17
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2002
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
31.172.81.159
31.172.81.160
31.220.27.134
35.190.16.14
37.157.2.239
37.157.6.235
37.18.103.16
37.9.245.57
46.4.114.109
5.200.44.34
52.212.227.251
65.108.1.47
80.64.106.148
81.222.128.214
88.99.213.228
89.108.120.76
89.108.97.2
93.95.102.105
94.130.102.164
94.130.13.220
95.163.37.253
95.211.66.35
96.46.186.57
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f
0a5c8d565ff2094a383ec715b87bc2a787d1913906358159751b7f232c9238c4
0d94ba0f408f83eeb9e0ad6cdf10a05446c311d9816f4acf5aa27638635ead82
0ed44b4d8ee64ffe3e8c854d698d9d4863dafa2f74f17bc23be35c25976995f5
106ccb7fc4f13ebede7aad729095182dadd2fc305750d01c99dfbefc426be17d
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd
1970fec97e8655839cb89c913427124f7c85a08a6280ea26028fd560da252963
1ab4cfef93a4e37bd115bd517767f9c066efa58fe67a50952ad8596a8930dd3f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f059e184ceebb1d6ec8cc17f9c088baeb11d644cc6b2f66515921ba692216ab
21e2a89aa806062dc702710197d808cad0376f4b13a9d7650b32907d0adc9527
24a8d0334c4e95b7516a53cd7c2ae6b5dd4bcfaa706729f4ea7ce0d75a89c093
2883eb90e67c7c0a2ff6037de2138b7cba7038bf6f85d01cd2504a71e934792c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
30d2143e5e0ad4af94bf25a55ea17ac1451f5f8b91ff96dc4a32b4791aaeeab8
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
32b955dda2a2bfa602c94edbe785be97323df1ef4c3a06cdab5b2f855bb1f0a9
34297bbdee19997fa6a9b243bba8d2e0508285147644bee9100aa2dd42dff4ac
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
372dffde99de75a38cffd9e91b3a243fcc2ee27a830ab88828977f3cc445c02e
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
3d71f2e5df370d16157c84edc2261201ea80f022a4506f7f736b0286e6e154c7
408f64262d1deb852fea837ac48ef40b1ca92c52f66f741025ad4189bdfc5713
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
47c65b292454c37d7a9811ff93023bac3ab86b1630ae7d8522849df61b8c1d20
49c6ca26c2e3b18d1ef9f08f6f5eb5d3b26ebf13fd246e717072b9075df6fd2f
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d0bf7d5ca422489033413e60ec49257e7365bba8ff49f0b284aedc5e057dbd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56be483d7176b82d080965721955e9247c6d17ce81d772b02393ae2867afc3a9
56d647ad05efa43da978dfe0f5f90bbc990992d21dceb92b682eafa24d962732
5a73a701a2bb5c002032dd1a8fcb9d073977cc4486d1e4a72f4174bb3a67ba3d
5b28389dc03cfd208c66dc5653f034f3d040a72efd37f8d7acb31529e1600ed9
5ff4e4c8817ae7479cea3cad94dd7afcaa1538403231910b8a58177b0aaa7290
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a95703173422fa562bbb77f9e3cc619d6fff2032f86a77a7c92c9a42380e7b
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6ce820dfefa309b42b44828b75b5c02209f77b6954502f7c768c716eb188b33e
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
725a7d8d1f0b5a207399291b63d6f6082ffe2206edf784db1101e8d3c3e60308
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
81ec37f2f154f27cfde29aa4ea92e319fde0efec6444e6d053b76eb12828afc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83fad3d0eacad374c4cedc1a20c658d158cb8361a999d6ff07cc9737ce48d94c
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b529950cd70b53d3195c64edd6c5f0f0d57eed73b9bf1ba3500385ef0199ff0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9e9b34f0817548b428e128d5a7551fbc499d01fee0a12d016c323f65b9d4e2fd
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690f1fcff52754b56aa6d27b066ee2111de2e9f3d19a4770cc56bb3d28ba7ba
a94da9e7347675cfb4bf03d63b6a9afdf57ec0d8563e27dc156a8235d416b007
aa5031349112d5455a60414bef773ca3bc2e895f23290106c8443e9323a3f8ba
ac7a0dc25d42c08d084f913c18056485eb69816c85cddef6495218cd362b1289
ae8968bec2e590ea3a8423bde4ccd55ee2656f627d34cd316770c6a02c2f1a24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4cb88493b23ebf66e76778662772feb89b18b43a86f273e1f236226a1db0dca
bbbb2e618b91c4b652c76496811c6cf13128e8dd7507d90443853496430fdc5d
bcd7bf5152e0605db166504df8069ea83e582abc6d52c6c12049d6523845ca2f
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bfa12779f481d024004ac40f96aa837e671f2b6362ca6b3b84f6edf061825e98
c1fb50d33478f4e3111fd3e0cbf9049286a2c3f33467eecf2d236b29b6b79771
c644366f2968bf9c12b25aaf2604eb05fd76446c95c3ed6229edf1e19d38137d
cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc6c13b0979c38ed7c9c52ba7885cf09f58222a017c4536ee3ddfc5bcac520aa
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf064b2379e5628636e24f5a913249e7177fef995d750900c290206fa2c2a9cc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d524a5362d8ff7b99e09e50ddb42ab81018f788d24a1fc226177f4b09ff3257c
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df52175a82afa071b5a1fceb149bb96581def8c516708c611f269fb0d4e05fa0
e0713699aca94b9d5819e24ac2af25ceaf5f9dc9e3668fdbcdf70afad69b2fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5aaeab37a6a8698e66682cf5576863ba82b78e6bdf486dd90ba40ed00358856
e9882d514bffbd838e05301b208c13fbfdc9d6c39648b41a5a7320b134bf7448
ea3f3506fd8c2077599873ebde7b425c91fff1e1fc2e23328faa550588804092
ea8f10600b8364f8d73d995971cac083e3470cdbf3828cdb0da4ccf3e8035b58
ed36aad4621b3cd4e89eadb45021cedfd2e5dcaf31a04732fe13e5e1d2d33cbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cdb06c133499ddedd1539771333e3c66302fe1d73453a1c8d41132dc1555e0
fd55422ffde72e3fea5a615a48dc75bb77bdea7f1b24227e0d3af38d3b4cdd62
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

ancientrome.ru Open in urlscan Pro 213.170.65.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

140 Requests

64 %HTTPS

24 %IPv6

49 Domains

64 Subdomains

42 IPs

8 Countries

1578 kBTransfer

3827 kBSize

90 Cookies

2 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ancientrome.ru Open in urlscan Pro
213.170.65.253 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

64 %
HTTPS

24 %
IPv6

49
Domains

64
Subdomains

42
IPs

8
Countries

1578 kB
Transfer

3827 kB
Size

90
Cookies

140 HTTP transactions
2 data transactions