flines.ru Open in urlscan Pro
46.254.17.231 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://flines.ru/
Submission: On August 08 via manual (August 8th 2023, 8:21:41 am UTC) from ES — Scanned from ES

Summary HTTP 136 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 54 domains to perform 136 HTTP transactions. The main IP is 46.254.17.231, located in Moscow, Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is flines.ru.

This is the only time flines.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	46.254.17.231 46.254.17.231	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:20:... 2606:4700:20::681a:3c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	95.216.240.254 95.216.240.254	24940 (HETZNER-AS) (HETZNER-AS)
3 4	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
3 24	193.3.184.135 193.3.184.135	50214 (QWARTA) (QWARTA)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 3	148.251.159.22 148.251.159.22	24940 (HETZNER-AS) (HETZNER-AS)
1 1	159.69.59.100 159.69.59.100	24940 (HETZNER-AS) (HETZNER-AS)
2	138.201.65.68 138.201.65.68	24940 (HETZNER-AS) (HETZNER-AS)
2 2	51.250.21.242 51.250.21.242	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
5 5	142.132.138.213 142.132.138.213	24940 (HETZNER-AS) (HETZNER-AS)
3	2a11:27c0::93 2a11:27c0::93	210756 (EDGECENTE...) (EDGECENTERLLC)
1	95.216.224.48 95.216.224.48	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	136.243.149.224 136.243.149.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	193.3.184.219 193.3.184.219	50214 (QWARTA) (QWARTA)
2 2	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	195.209.108.56 195.209.108.56	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3035::ac43:832e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.21 37.230.131.21	200197 (HYBRID-PO...) (HYBRID-POLAND)
2	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.228.127.171 94.228.127.171	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2 2	212.76.129.182 212.76.129.182	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1 1	46.243.172.93 46.243.172.93	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1 2	5.200.43.243 5.200.43.243	48096 (ITGRAD) (ITGRAD)
8 8	217.66.147.35 217.66.147.35	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
3 3	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	188.72.109.103 188.72.109.103	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 2	159.69.142.212 159.69.142.212	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
3 4	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 2	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 3	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	188.120.241.43 188.120.241.43	29182 (RU-JSCIOT) (RU-JSCIOT)
1 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
3 4	94.130.221.58 94.130.221.58	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3 3	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
5 6	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3 3	83.222.117.2 83.222.117.2	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
3 3	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2 2	185.40.31.214 185.40.31.214	61400 (NETRACK-AS) (NETRACK-AS)
1	91.192.150.52 91.192.150.52	42481 (BEGUN-AS) (BEGUN-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1	212.76.131.50 212.76.131.50	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1 1	195.209.108.50 195.209.108.50	52007 (ADRIVER-AS) (ADRIVER-AS)
1 1	195.209.108.49 195.209.108.49	52007 (ADRIVER-AS) (ADRIVER-AS)
2 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
136	40

21 46.254.17.231 (Moscow, Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru

flines.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:3c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.telderi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.240.254 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.240.216.95.clients.your-server.de

am15.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.202.52 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 193.3.184.135 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)
PTR: asrv319.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.159.22 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.22.159.251.148.clients.your-server.de

t02.rbnt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rbnt.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.59.100 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.65.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.250.21.242 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

x.instreamatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.132.138.213 (Falkenstein, Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.213.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

cdn.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.224.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.224.216.95.clients.your-server.de

b.am15.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.224 (Sindelfingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.149.243.136.clients.your-server.de

pixel.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.vihub.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.219 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.38 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.matchtv.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.56 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:832e (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.118 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.127.171 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21112.timeweb.ru

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (St Petersburg, Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.76.129.182 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.172.93 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr17.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.200.43.243 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.66.147.35 (St Petersburg, Russian Federation) 8 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-35-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.87.44.187 (Russian Federation) 3 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.109.103 (Sucre, Bolivia, Plurinational State Of) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

mts-dsp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.142.212 (Nuremberg, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.142.69.159.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.120.68 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.105.236 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.120.241.43 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync02.platforma.id

977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.221.58 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.58.221.130.94.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.117.41 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.174 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.117.2 (Russian Federation) 3 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.199.220.44 (Russian Federation) 3 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr06.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.31.214 (Tula, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.52 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru

sync.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.108.50 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.108.49 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	acint.net 8 redirects www.acint.net — Cisco Umbrella Rank: 32054 acint.net — Cisco Umbrella Rank: 27217	34 KB
21	flines.ru flines.ru	87 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	472 KB
11	mts.ru 11 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 40119 vma.mts.ru — Cisco Umbrella Rank: 42026 tech.rtb.mts.ru — Cisco Umbrella Rank: 46746	7 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	117 KB
8	digitaltarget.ru 5 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 144757 dmg.digitaltarget.ru — Cisco Umbrella Rank: 23315	23 KB
7	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 4316 pix.bumlam.com — Cisco Umbrella Rank: 100295 977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com	4 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192 www.googleadservices.com — Cisco Umbrella Rank: 166	602 B
7	am15.net am15.net — Cisco Umbrella Rank: 695409 b.am15.net	14 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	109 KB
6	aidata.io 5 redirects x01.aidata.io — Cisco Umbrella Rank: 15563	3 KB
6	adriver.ru 4 redirects ev.adriver.ru — Cisco Umbrella Rank: 39914 ssp.adriver.ru — Cisco Umbrella Rank: 29429 ad.adriver.ru — Cisco Umbrella Rank: 23577	3 KB
5	adlook.me 1 redirects cdn.adlook.me — Cisco Umbrella Rank: 110107 ads.adlook.me — Cisco Umbrella Rank: 31515	26 KB
4	bidderstack.com 3 redirects nr.bidderstack.com — Cisco Umbrella Rank: 42086	2 KB
4	vihub.ru pixel.vihub.ru — Cisco Umbrella Rank: 984646 dmp.vihub.ru — Cisco Umbrella Rank: 221488	11 KB
4	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11423 top-fwz1.mail.ru — Cisco Umbrella Rank: 10874	3 KB
4	yadro.ru 3 redirects counter.yadro.ru — Cisco Umbrella Rank: 11699	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	169 KB
3	kimberlite.io 3 redirects kimberlite.io — Cisco Umbrella Rank: 36060	2 KB
3	com.ru 3 redirects adx.com.ru — Cisco Umbrella Rank: 40444	866 B
3	programmatica.com 3 redirects sync.programmatica.com — Cisco Umbrella Rank: 117073	761 B
3	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 5381	840 B
3	rutarget.ru 3 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 201413 mts-dsp-sync.rutarget.ru — Cisco Umbrella Rank: 80219 solta-sync.rutarget.ru — Cisco Umbrella Rank: 60124	1 KB
3	otm-r.com 1 redirects sync.dmp.otm-r.com — Cisco Umbrella Rank: 25900	353 B
3	rbnt.org 2 redirects t02.rbnt.org rbnt.org — Cisco Umbrella Rank: 526987	2 KB
2	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	304 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 55588	444 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14404	718 B
2	gonet-ads.com 1 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27563	557 B
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 22433	429 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1762	1 KB
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 53551	777 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 42104	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 21188	827 B
2	instreamatic.com 2 redirects x.instreamatic.com — Cisco Umbrella Rank: 302324	597 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 55	17 KB
2	telderi.ru 1 redirects www.telderi.ru	751 B
1	videonow.ru sync.videonow.ru — Cisco Umbrella Rank: 188537	370 B
1	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 52013	172 B
1	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 51887	229 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1695	160 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 135203	753 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 42831	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 37778	483 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 12134	208 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 56706	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 157846	197 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 9402	281 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 48014	773 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 32003	633 B
0	1dmp.io Failed sync.1dmp.io Failed
0	ohmy.bid Failed match.ohmy.bid Failed
0	weborama.io Failed static.weborama.io Failed
136	54

	Domain	Requested by
24	www.acint.net	8 redirects flines.ru www.acint.net
21	flines.ru	flines.ru
13	tpc.googlesyndication.com	googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	flines.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	www.googleadservices.com	googleads.g.doubleclick.net flines.ru
6	dmg.digitaltarget.ru	5 redirects www.acint.net
6	x01.aidata.io	5 redirects www.acint.net
6	am15.net	flines.ru am15.net
5	vma.mts.ru	5 redirects
5	acint.net	www.acint.net
4	fonts.gstatic.com	fonts.googleapis.com
4	nr.bidderstack.com	3 redirects www.acint.net
4	counter.yadro.ru	3 redirects flines.ru
3	www.googletagservices.com	googleads.g.doubleclick.net
3	dmp.vihub.ru	pixel.vihub.ru am15.net
3	kimberlite.io	3 redirects
3	adx.com.ru	3 redirects
3	sync.programmatica.com	3 redirects
3	an.yandex.ru	1 redirects www.acint.net
3	pix.bumlam.com	2 redirects www.acint.net
3	sync.bumlam.com	2 redirects www.acint.net
3	tech.rtb.mts.ru	3 redirects
3	sm.rtb.mts.ru	3 redirects
3	cdn.adlook.me	am15.net cdn.adlook.me
3	sync.dmp.otm-r.com	1 redirects am15.net www.acint.net
2	top-fwz1.mail.ru	www.acint.net
2	www.google.com	2 redirects
2	ad.adriver.ru	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	sync.dsp.solta.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	sync.gonet-ads.com	1 redirects www.acint.net
2	exchange.buzzoola.com	2 redirects
2	ads.adlook.me	1 redirects cdn.adlook.me
2	ads.betweendigital.com	2 redirects
2	sync.adspend.space	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ev.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ad.mail.ru	am15.net www.acint.net
2	x.instreamatic.com	2 redirects
2	rbnt.org	1 redirects am15.net
2	www.google-analytics.com	flines.ru
2	www.telderi.ru	1 redirects flines.ru
1	sync.videonow.ru	am15.net
1	sync.rambler.ru	www.acint.net
1	solta-sync.rutarget.ru	1 redirects
1	prodmp.ru	www.acint.net
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	mts-dsp-sync.rutarget.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	pixel.vihub.ru	am15.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	b.am15.net	am15.net
1	t02.rbnt.org	1 redirects
0	sync.1dmp.io Failed	am15.net
0	match.ohmy.bid Failed	www.acint.net
0	static.weborama.io Failed	am15.net
136	72

This site contains links to these domains. Also see Links.

Domain
www.telderi.ru
zoom.sale
curandero.ru
invisible-doors.ru
gksod.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.acint.net R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.adlook.me AlphaSSL CA - SHA256 - G4	`2023-06-06` - `2024-07-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.digitaltarget.ru R3	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
ad.ad-blast.ru R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sync.rambler.ru R3	`2023-07-16` - `2023-10-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://flines.ru/
Frame ID: AB646185BB27E056284C550E5120EF00
Requests: 37 HTTP requests in this frame

Frame: http://am15.net/x/uid.php?rand=1838328910&uid=dAfK8Zw
Frame ID: 144A9EC1BBBF9FFC846A0F79943FA576
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Frame ID: 3B0580F0DBDD0FE04C4EFD43D0DB4923
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html
Frame ID: A224C1848B67A3915AA26DF3B4E393DE
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_x293n&bid=be3cc12b-905d-4f0a-8a1a-6cb8a17609d8
Frame ID: 0C7A4E202BCD5D9F8CD6A60C7D4A74C2
Requests: 5 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 13F5A3BDC2FEAFF0A4DF2AB180E6A5A9
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=90&slotname=3958875260&adk=3102626627&adf=3135236955&pi=t.ma~as.3958875260&w=728&lmt=1691482893&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482894962&bpp=16&bdt=436&idt=532&shv=r20230803&mjsv=m202308020101&ptt=5&saldr=sa&abxe=1&correlator=5659033326546&frm=20&pv=2&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gyWO2tnR8J&p=http%3A//flines.ru&dtd=546
Frame ID: D3EF2333EFF716152929AC661628CB96
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=600&slotname=8520186874&adk=1604639398&adf=3459201735&pi=t.ma~as.8520186874&w=160&lmt=1691482893&format=160x600&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895146&bpp=2&bdt=620&idt=370&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1356&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AUuITisSzs&p=http%3A//flines.ru&dtd=373
Frame ID: 0285B94B9D5EE15AA4114F2E17E090C8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=200&slotname=4361553359&adk=883275230&adf=1422343706&pi=t.ma~as.4361553359&w=200&lmt=1691482893&format=200x200&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895148&bpp=2&bdt=622&idt=373&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=66&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=pVcMkWPVSk&p=http%3A//flines.ru&dtd=376
Frame ID: 7F49BAD01C1DC83D327A97D90A87CB9F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2BAE45F670ADDF0CA15DCAFF5204F721
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DB300C8CB14308A0969421C709E3919E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.adlook.me/u/cds.html
Frame ID: 01E1A65697F8D66AC702D8A0838D9725
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: 899E18AC228F53F402B46500D6934264
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: 41A4B8E652C65C746492426EE50AAE33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: CA423B8786096E3F40CA72D1AEFF203B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Линейки для форумов, линеечки на рабочий стол

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

<(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/
drupal\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

42 %
HTTPS

22 %
IPv6

54
Domains

72
Subdomains

40
IPs

7
Countries

1084 kB
Transfer

2424 kB
Size

95
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.telderi.ru/ru/viewsite/755011/pid/b5af15

Search URL Search Domain Scan URL

URL: http://zoom.sale/
Title: отбеливание zoom 4

Search URL Search Domain Scan URL

URL: https://curandero.ru/
Title: рапэ

Search URL Search Domain Scan URL

URL: http://invisible-doors.ru/
Title: двери скрытого монтажа

Search URL Search Domain Scan URL

URL: https://gksod.ru/refinansirovanie-kredita-s-plohoy-kreditnoy-istoriey
Title: рефинансирование кредитов с плохой кредитной историей

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png HTTP 301
https://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png

Request Chain 19

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433

Request Chain 31

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 33

http://t02.rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052 HTTP 301
https://rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052 HTTP 302
https://rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052&csc=1

Request Chain 34

http://sync.dmp.otm-r.com/match/aotm.js HTTP 301
https://sync.dmp.otm-r.com/match/aotm.js

Request Chain 35

http://x.instreamatic.com/v2/mark/787.gif HTTP 307
https://x.instreamatic.com/v2/mark/787.gif HTTP 302
https://ad.mail.ru/cm.gif?p=66&id=0d90baee0102150a

Request Chain 37

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&utmhid=765523353&utmr=-&utmp=%2F&utmht=1691482895290&utmac=UA-11493876-1&utmcc=__utma%3D162415467.1815878899.1691482895.1691482895.1691482895.1%3B%2B__utmz%3D162415467.1691482895.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1560230439&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&utmhid=765523353&utmr=-&utmp=%2F&utmht=1691482895290&utmac=UA-11493876-1&utmcc=__utma%3D162415467.1815878899.1691482895.1691482895.1691482895.1%3B%2B__utmz%3D162415467.1691482895.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1560230439&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 38

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 39

http://www.acint.net/oci.js?t=1691482895338 HTTP 302
https://www.acint.net/oci.js?t=1691482895338

Request Chain 40

http://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&oE=1&oP=1&dT=2023-08-08T08%3A21%3A35.333&fu=1f4e0db9-5ed3-4849-b379-7e789c860501 HTTP 302
https://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&oE=1&oP=1&dT=2023-08-08T08%3A21%3A35.333&fu=1f4e0db9-5ed3-4849-b379-7e789c860501

Request Chain 47

http://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba HTTP 302
https://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba

Request Chain 50

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=C7B803C10FFBD164B600069B02C4E88E

Request Chain 51

https://px.adhigh.net/p/cm/sape?u=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://px.adhigh.net/p/cm/sape?u=1503420A0FFBD164211E941F0208C2A7&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=LrOcGr0WDwm.AikABlGJ1Dy2Rg

Request Chain 52

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4510180606 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=ASekpCcqH69Vd92haq5ki6g&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A0FFBD164211E941F0208C2A7

Request Chain 57

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=41393fcc-04b4-4328-bb42-8c63dbb0336e

Request Chain 58

https://s.ccsyncuuid.net/match/5/?remote_uid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://acint.net/match?dp=80&euid=sQycoa6SJ69Jojhs7dtj

Request Chain 60

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=BMCRBXCN

Request Chain 61

https://sync.adspend.space/sape?uid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1 HTTP 302
https://www.acint.net/match?dp=98&euid=80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1

Request Chain 62

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Ba2SUuCLdSJa

Request Chain 63

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=1503420A0FFBD164211E941F0208C2A7&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=1503420A0FFBD164211E941F0208C2A7&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=-8154574506560267616 HTTP 302
https://acint.net/match?dp=107&euid=b2dbdd81-d6f3-53dc-afd6-0693cb07fd83

Request Chain 64

https://ads.adlook.me/csync?pid=sape&uid=1503420A0FFBD164211E941F0208C2A7&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=ad7a366ce0c34de0a993df056b8bbc6d

Request Chain 65

https://sm.rtb.mts.ru/p?ssp=sape&id=1503420A0FFBD164211E941F0208C2A7 HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=1503420A0FFBD164211E941F0208C2A7 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D3%2526ssp%253Dsegmento%2526id%253D%2524%257BRUTARGET_VISITOR_ID%257D HTTP 302
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D HTTP 302
https://vma.mts.ru/em?next=30&em=3&ssp=segmento&id=Ba2SUuCLdSJa HTTP 301
https://www.acint.net/match?dp=125&euid=6f0c6979-db94-4a1d-930a-436df05ca88a

Request Chain 66

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=92d56e27-87eb-412c-7d7c-2cd5356ba479

Request Chain 67

https://s.uuidksinc.net/match/396/?remote_uid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://www.acint.net/match?dp=127&euid=Bj7Ghqur0MGyVilQuPod

Request Chain 68

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=ys9tl5cz01

Request Chain 70

https://x01.aidata.io/0.gif?pid=9401454&id=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=1503420A0FFBD164211E941F0208C2A7&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=EC369CAC5FB5724C9D31&back=STOP

Request Chain 71

https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7&chk=1

Request Chain 72

https://sync.bumlam.com/?src=sap1&uid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiQ9semBmIgMTUwMzQyMEEwRkZCRDE2NDIxMUU5NDFGMDIwOEMyQTeiARCXfOEWNcQR7rHaACWQyCQ3

Request Chain 73

https://pix.bumlam.com/sync/sape/check?sspuid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=977ce116-35c4-11ee-b1da-002590c82437 HTTP 302
https://977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 74

https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7?redir-setuniq=1

Request Chain 75

https://nr.bidderstack.com/sape/cm?user_id=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=1503420A0FFBD164211E941F0208C2A7&pupa=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=hyper&id=35aea82e-b97f-81ba-10e9-a5448dd2cdc3 HTTP 301
https://vma.mts.ru/match/second?ssp=15&exu=35aea82e-b97f-81ba-10e9-a5448dd2cdc3 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D15%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D15%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://vma.mts.ru/em?next=15&em=2&ssp=aidata&id=69xbgmtCo0m78DavYMOVRA HTTP 301
https://nr.bidderstack.com/mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a HTTP 302
https://nr.bidderstack.com/mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a&pupa=1

Request Chain 76

https://cs.agency2.ru/p?ssp=sp&uid=1503420A0FFBD164211E941F0208C2A7 HTTP 301
https://www.acint.net/match?dp=186&euid=74426a30-d662-43e5-903f-a93ccc70a78e

Request Chain 79

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://www.acint.net/rmatch?dp=235&euid=NjBjM2RhYmU2OTk3ZjUxNg&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560 HTTP 302
https://sync.programmatica.com/match/01?id=1503420A0FFBD164211E941F0208C2A7&fp=1642882560 HTTP 302
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1691482897528&a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c

Request Chain 80

https://adx.com.ru/sape-sync?uid=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D64d1fb11d41e060001184f86%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D64d1fb11d41e060001184f86%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2315010243 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D64d1fb11d41e060001184f86%26r%3D&webouid=TbJZnKUJx9UrOjvxgcGSvu HTTP 302
https://prodmp.ru/yabbi.gif?uid=64d1fb11d41e060001184f86&r=

Request Chain 81

https://kimberlite.io/rtb/sync/sape2?u=1503420A0FFBD164211E941F0208C2A7 HTTP 307
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZNH7EaymJw0%26n%3D1 HTTP 301
https://kimberlite.io/rtb/sync/buzzoola?u=48d26137-c9e6-4e53-4da7-605d9c319ee6&f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZNH7EaymJw0&n=1 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=Ba2SUuCLdSJa HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZNH7EaymJw0 HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZNH7EaymJw0 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FbwxpeduUSh2TCkNt8Fyoig%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D762712589 HTTP 302
https://an.yandex.ru/setud/mts_banner/bwxpeduUSh2TCkNt8Fyoig?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=762712589

Request Chain 82

https://sync.dsp.solta.io/match/sape?id=1503420A0FFBD164211E941F0208C2A7 HTTP 302
https://sync.dsp.solta.io/match/sape?id=1503420A0FFBD164211E941F0208C2A7&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=NzRiN2FhMzY4ODFmYTBkMA

Request Chain 94

http://x01.aidata.io/0.gif?pid=VIHUB&id=5998a725-8e67-4027-b4c3-7beba71f53d9 HTTP 302
http://x01.aidata.io/0.gif?pid=VIHUB&id=5998a725-8e67-4027-b4c3-7beba71f53d9&bounce=1 HTTP 302
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

Request Chain 97

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=5998a725-8e67-4027-b4c3-7beba71f53d9 HTTP 301
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=5998a725-8e67-4027-b4c3-7beba71f53d9 HTTP 302
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ASekpCcqH69Vd92haq5ki6g

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Z5eD_vRZMaOKaWptOUPurWdmArRkszjcdnB88mlEWQQASDhl6cKYNW11wKgAY7k2foCyAEJqQJrP7mK22uyPqgDAcgDywSqBOsBT9DlVJLMofHcUdlj5p1trtm46fwNoLDa8CM7XUOmJBmq4RLn4Y78DoqpgjlzT0HroEf02RouxQyG2lxr79fqzxT4-QbfsFUDdTGGRAowX71Qm2KObHesU6deOvhj4SaU5s8c-Dcyx7gqyLOR6JOsjPEkwaSx61HajDQYR8onAz-iAYHnuLvgSfkQ_fJxYK2-D6OeZDgBuV_YPGu47VIZckNACx8tLby186o7BDC9YS0ddMC7S5Z1TW-rY_86O9Un0AqO7PbTgPf5LJytotbiBlD1bJw9XnowzXEKSo1GCJ7nz3-MuAR-1SCJV8AEjYzDitUBkgUECAQYAZIFBAgFGASgBi6AB9qbpoUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2dsB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJG2h0dHBzOi8vd3d3LnRhbWF5b3ljaWEuY29tL4AKAcgLAaIMCCoGCgTDsLECuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0xNDYyMzU4MTUyOTMxMDMwGAA&sigh=Bvmtk_QM2wI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWQceDXrA9f2j2pJ75U_r6-hQTUcg_-xgB&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211541977589356011671%22,%22debug_reporting%22:true,%22destination%22:%22https://tamayoycia.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22794194446%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22521989245959989057%22}&andc=true

Request Chain 127

https://googleads.g.doubleclick.net/pagead/adview?ai=CU4ZBD_vRZMnXKJeRtOUPwrGyqA3NxMqHco2H5PPGEdSEu_uaAhABIOGXpwpg1bXXAqAB75f2vwPIAQKpAlzoT7uFcLI-qAMByAPJBKoEvQFP0Kl7sispCHLW17O8cdy43GRy4hmnzQmNC8qMIhhAbPM5njMmRwrDEsTc1j6FkSIHCDFNvNakz0VsYe0xXsJdjPwcRUEGBw8IK_LWjr7jxanhFBRiuEGH-GhjT1K_WrVcYF3Vaj160WoEVZycXCco1B9VrYN8mPl8kpqf6KLsI1Yk7IYXN97wRR3Tp55tUm-gDBZDiQ8BhWX5RmQebvEgu8Vvot_68H-AQWn29ru8iJz6mvJuvT4F6GWGCWLABOf91J2xBJIFBAgEGAGSBQQIBRgEoAYCgAf554lAqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ44cD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJM2h0dHBzOi8vYXJhbWFsaWtpYW4uY29tL2NvbmNpZXJ0by9ndWFkYWxhamFyYS0yMDIzL4AKAcgLAaIMCCoGCgTDsLEC2BMN0BUBgBcBshccChoIABIUcHViLTE0NjIzNTgxNTI5MzEwMzAYAA&sigh=QjVsr6x9Ixc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWkx9lziKjh1GdGFf2slYUrxWIZW8mZhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216598544324194815368%22,%22debug_reporting%22:true,%22destination%22:%22https://aramalikian.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22939363311%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221121804736198065265%22}&andc=true

Request Chain 128

https://googleads.g.doubleclick.net/pagead/adview?ai=CeWm2D_vRZL_AItT2mLAP36ebiAPB2oLecYHm5_CKEaTn8u2VAhABIOGXpwpg1bXXAqAB1_-Z0wPIAQGpAlzoT7uFcLI-qAMByAPLBKoEuQFP0L0_4yjxPvfcxcDWjgKWiPa5r9kYqgIwzeJhsvXdnxUeGzTUWhV7kkz2nMHerifwm7bYlyU_3x1pgCdNGWsnLloNyTXXhNB5-e9S_yMlJndXPtgP9Hl1ug25-ek1jNw77ISdNaMwiI1DH9fvgOd5lIH9Y93cumINHnPkrQdbptS3aibZH_XMj0TW8TiPPKYxhvvSeOGCX5-YRA2e5KML3mpEtyQNBouzGwknciSLgYAck5Sy5IGWZMAE67vYhJ0EkgUECAQYAZIFBAgFGASAB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAmwPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mglIaHR0cHM6Ly93d3cuaW5maW5lb24uY29tL2Ntcy9lbi9wcm9kdWN0L3Byb21vcGFnZXMvbWF0dGVyLz9nY2xzcmM9YXcuZHMmgAoByAsBogwIKgYKBMOwsQLYEwqIFAbQFQGYFgGAFwGyFxwKGggAEhRwdWItMTQ2MjM1ODE1MjkzMTAzMBgA&sigh=KBDI9KxO25k&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWWyVDk3kyE0IiRUmq6zuJjBJEyvraGxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214741035011184032420%22,%22debug_reporting%22:true,%22destination%22:%22https://infineon.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979795927%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222919094431712824049%22}&andc=true

Request Chain 136

https://dmg.digitaltarget.ru/1/1093/i/i?i=865564189053843.126518426461940&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up.xdua:dujNOomv7JHwkuF1PmmJzd8q.xps:xps2SQejGZEmwtS7UiTAEo0S4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1691482897568&i=865564189053843.126518426461940&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up.xdua:dujNOomv7JHwkuF1PmmJzd8q.xps:xps2SQejGZEmwtS7UiTAEo0S4.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=k3SiB4uiAsQADqd74Naj

Request Chain 137

https://dmg.digitaltarget.ru/1/1093/i/i?i=865564189053843.357187976945468&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up.xdua:dujNOomv7JHwkuF1PmmJzd8q.xps:xps2SQejGZEmwtS7UiTAEo0S4.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1691482897645&i=865564189053843.357187976945468&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up.xdua:dujNOomv7JHwkuF1PmmJzd8q.xps:xps2SQejGZEmwtS7UiTAEo0S4.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=.MTPT3YiRyAVLoV79jPI

Request Chain 139

http://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338 HTTP 302
https://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338

136 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
flines.ru/ 22 KB
7 KB 1505ms
1084ms Document
text/html 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx / PHP/5.2.17
Resource Hash: 250ddfcd64220de2e1d8e2961a095f1c8538b5ead3358bd2d1aaf7cd05f06c5c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 08:21:34 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:33 GMT
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.2.17

GET
H/1.1 200
OK views.css
flines.ru/sites/all/modules/views/css/ 2 KB
889 B 99ms
98ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/sites/all/modules/views/css/views.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: a0b8a4bd74d499ebe2edff4a450b545c8d1ab98433f37cf3976cd5d974cf768d

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jun 2008 23:08:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK node.css
flines.ru/modules/node/ 740 B
948 B 197ms
98ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/modules/node/node.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 7cb6bb2d1fcc4440a2bc17d268db1ddd407e93726f539f44cb4e529363b8c383

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Fri, 25 Jan 2008 21:21:44 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 740
Content-Type: text/css

GET
H/1.1 200
OK defaults.css
flines.ru/modules/system/ 757 B
965 B 198ms
98ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/modules/system/defaults.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: d71c4ede4adb08cee902dd2a598461fb2c8e1057bed997f705ddaaf29cc81de2

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Tue, 02 Oct 2007 11:10:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 757
Content-Type: text/css

GET
H/1.1 200
OK system.css
flines.ru/modules/system/ 10 KB
3 KB 199ms
99ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/modules/system/system.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: fd7ba7b9571406a40e33dabe1f0b5eb9a8b95541cb30078c03f7500ea4bf9f26

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Jan 2008 09:56:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK system-menus.css
flines.ru/modules/system/ 935 B
1 KB 197ms
98ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/modules/system/system-menus.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 79cd557d6d9f52f12657ec3b469ee3692920720af96b573d591d44c45914788c

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Fri, 05 Oct 2007 13:50:26 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 935
Content-Type: text/css

GET
H/1.1 200
OK user.css
flines.ru/modules/user/ 1 KB
710 B 199ms
100ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/modules/user/user.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 36273eefecf92422ef4ed8271bd027cacb855fcf437390d41f8ce7216b2e912f

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jun 2007 03:38:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK style.css
flines.ru/sites/all/themes/colorfulness_theme/ 8 KB
3 KB 199ms
100ms Stylesheet
text/css 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 8a61e7d6f5bc31a574a9be1cd598d764b7d454c8c7950c83541faff7579f52f8

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Nov 2010 02:14:00 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK jquery.js Show response
flines.ru/misc/ 30 KB
16 KB 305ms
105ms Script
application/x-javascript 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/misc/jquery.js?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 6fa0e98811e3ed03bb01a98f757980dd16c8ea494fd207e50e9cc88534cedbe1

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Jun 2008 08:38:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1 200
OK drupal.js Show response
flines.ru/misc/ 10 KB
4 KB 298ms
98ms Script
application/x-javascript 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/misc/drupal.js?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 37dbbc0da918410d4fd1662e1534f3389b603a7c95dfedf3a97049a6713ea42d

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jul 2009 07:59:10 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1 200
OK ru_6029737853dc2679045317ac3c794194.js Show response
flines.ru/sites/default/files/languages/ 2 KB
1 KB 305ms
105ms Script
application/x-javascript 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/sites/default/files/languages/ru_6029737853dc2679045317ac3c794194.js?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: c79702613b0eea39823b86fb964855dca2909136dda3ede5d68d5a851a83804b

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2009 21:59:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
35 KB 171ms
100ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4043017d4cb2caa320dd22feb81c39d5b00041d6c0a7e383c8b776e93e72429d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2692402910160697700
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34935
X-XSS-Protection: 0
Expires: Tue, 08 Aug 2023 08:21:34 GMT

GET
H/1.1 200
OK smiley-smile.gif
flines.ru/sites/all/libraries/tinymce/jscripts/tiny_mce/plugins/emotions/img/ 345 B
554 B 98ms
97ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/libraries/tinymce/jscripts/tiny_mce/plugins/emotions/img/smiley-smile.gif
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 26dc134dd8f00285c940e0f09f2006213423f5053cad89c31fa4c5af039ce50e

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Tue, 22 Sep 2009 10:21:00 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 345
Content-Type: image/gif

GET
H/1.1 200
OK smiley-wink.gif
flines.ru/sites/all/libraries/tinymce/jscripts/tiny_mce/plugins/emotions/img/ 351 B
560 B 99ms
97ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/libraries/tinymce/jscripts/tiny_mce/plugins/emotions/img/smiley-wink.gif
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 675635adeabcc950282b70067beaa95053788a65abf25f9293fd42e97307c365

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Tue, 22 Sep 2009 10:21:00 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 351
Content-Type: image/gif

GET
H/1.1 200
OK 82.jpg
flines.ru/timelines/ 9 KB
9 KB 99ms
98ms Image
image/jpeg 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/timelines/82.jpg
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: abbe7009fae4258ae9a3541a99174f0f677d920c5111eadf5d455eadcd02126b

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Thu, 26 May 2016 20:03:08 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8981
Content-Type: image/jpeg

GET
H/1.1 200
OK createline.png
flines.ru/ 8 KB
9 KB 99ms
98ms Image
image/png 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/createline.png
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 90156872997ef6f3d3822208cfab2bc10ae3ba41d339f4dfbee588e3366a1674

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Tue, 19 Jan 2010 18:14:35 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8680
Content-Type: image/png

GET
H2

404

33f41ae461f1ea2e92597f884fdb0ca3.png
www.telderi.ru/uploads/promote/33/
Redirect Chain

http://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png
https://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png

0
0

369ms
298ms

Image
text/html

2606:4700:20::681a:3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Server: 2606:4700:20::681a:3c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Frame-Options: deny
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3ywDVE8hInLTaMPMmQiz2%2F8tGe5dmNE6%2FAPMkweyYM6NrQJ2MwNxviQJWEaNHpWBEuqXrOqXbY%2FXEoT4XN%2FWs2ZPKuHdspZ6bU9hVL5Q6fex3CVLSqu1gXOVp7plnqSa%2Fjsk6Mkzis6rkiw"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7f3658bdeecb2184-MAD
Content-Length: 162

GET
H/1.1 200
OK bn.php Show response
am15.net/ 5 KB
3 KB 177ms
85ms Script
text/javascript 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/bn.php?s=39052&f=3&d=44220
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 9461fbdce530c7c54dc8f95c4ccca8678d912420c1451adfb62f6c0811770dae

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 08:21:34 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/javascript; charset=windows-1251
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
53 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ba484f4dc7004aafba6c06213ac871d9eace0003f36af00fa7f4247f30816aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 53672
X-XSS-Protection: 0
Server: cafe
ETag: 1133587546245785568
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Tue, 08 Aug 2023 08:21:35 GMT

GET
H/1.1 200
OK googleanalytics.js Show response
flines.ru/sites/all/modules/google_analytics/ 2 KB
949 B 98ms
98ms Script
application/x-javascript 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://flines.ru/sites/all/modules/google_analytics/googleanalytics.js?v
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 3271186537c73dc9314f5baf36124165a2534dd2fe251c529c4ca7f3ac882aa2

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Mar 2009 07:25:47 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433

43 B
528 B

93ms
92ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 07 Aug 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//flines.ru/;0.999838293627433
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 07 Aug 2022 21:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/ 372 KB
126 KB 358ms
127ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1462358152931030&plah=flines.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c2e256025363e72b6eba89baeee3e42941df4395891a35dcc669c03e14d39ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128277
x-xss-protection: 0
server: cafe
etag: 8969693642371289926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:21:35 GMT

GET
H/1.1 200
OK head960.gif
flines.ru/sites/all/themes/colorfulness_theme/images/ 24 KB
24 KB 98ms
97ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/images/head960.gif
Requested by: Host: flines.ru
URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 5b26f9b01ab954e34183dfc334fa74accdc21417549ac1987be609d576ee6caa

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:34 GMT
Last-Modified: Tue, 07 Sep 2010 18:31:04 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24434
Content-Type: image/gif

GET
H/1.1 200
OK menu.png
flines.ru/sites/all/themes/colorfulness_theme/images/ 160 B
369 B 186ms
101ms Image
image/png 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/images/menu.png
Requested by: Host: flines.ru
URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: e963c1ca7015609dc039e072491493f645d8990a446457a447b76b19c3c043a7

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Tue, 29 Jul 2008 14:30:02 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160
Content-Type: image/png

GET
H/1.1 200
OK bg_col.gif
flines.ru/sites/all/themes/colorfulness_theme/images/ 4 KB
4 KB 154ms
98ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/images/bg_col.gif
Requested by: Host: flines.ru
URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 05829f2f9ed5152b6c01beed29fb0d848c9d6a3e07cbc3b0faedab8add37169e

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Tue, 29 Jul 2008 14:30:02 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3626
Content-Type: image/gif

GET
H/1.1 200
OK uid.php Show response
am15.net/x/ Frame 144A 2 KB
1 KB 84ms
84ms Document
text/html 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/uid.php?rand=1838328910&uid=dAfK8Zw
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=39052&f=3&d=44220
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 6b0d4f3b369f75dc2b8f203a586bda1030d1f941d57b99483da7e289b24c538a

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 08 Aug 2023 08:21:35 GMT
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1

GET
H/1.1 200
OK fpx.php Show response
am15.net/x/ Frame 3B05 2 KB
2 KB 167ms
85ms Document
text/html 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=39052&f=3&d=44220
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: 5874033e2e3a34ae30303dbab3f29e99e0cd360c2420b01b48676ad4d09b20fa

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Tue, 08 Aug 2023 08:21:35 GMT
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1

GET
H/1.1 200
OK tk.php Show response
am15.net/tk/ 16 B
836 B 170ms
87ms Script
text/javascript 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/tk/tk.php?k=S-gxyQYDy8lxNO-thm.T1BbD1h3D19Ix18JXNOajhIRX1dQtr1XSywU29QmbK9o.2BiSxMQtNQgjFICcFFnn&p=Win32
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=39052&f=3&d=44220
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash: d394943f23c6995ae4f92fa38deb1d61ab0166e155faac6e061ea2c65c85cc9a

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
X-Powered-By: PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/javascript; charset=windows-1251
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dsp Show response
am15.net/ssp/ 512 B
623 B 243ms
160ms Script
application/javascript 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbDyI_x293n&site=39052&height=200&width=600&block=ambn44220&ref=http%3A%2F%2Fflines.ru%2F&title=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&js=1&time=1691482895&ctype=undefined
Requested by: Host: am15.net
URL: http://am15.net/bn.php?s=39052&f=3&d=44220
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 7143219fc14098ea9366ce4041f1c71796379ade6457cf5571dbb7e52b3cd7ba

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive

GET
H2 200 aci.js Show response
www.acint.net/ 29 KB
8 KB 306ms
99ms Script
application/x-javascript 193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: 9a4d4b0095f5dfd9adf1a509029b110a24bfc96c1cf3273c6d59718563e4c7db

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:35 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 08:01:43 GMT
server: openresty
etag: "64882267-20c3"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 8387
expires: Tue, 08 Aug 2023 20:21:35 GMT

GET
H/1.1 200
OK menu-expanded.gif
flines.ru/sites/all/themes/colorfulness_theme/images/ 183 B
392 B 128ms
102ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/images/menu-expanded.gif
Requested by: Host: flines.ru
URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Tue, 29 Jul 2008 14:30:02 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 183
Content-Type: image/gif

GET
H/1.1 200
OK menu-leaf.gif
flines.ru/sites/all/themes/colorfulness_theme/images/ 175 B
384 B 127ms
101ms Image
image/gif 46.254.17.231
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://flines.ru/sites/all/themes/colorfulness_theme/images/menu-leaf.gif
Requested by: Host: flines.ru
URL: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
Protocol: HTTP/1.1
Server: 46.254.17.231 Moscow, Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: hosted-by.ihc.ru
Software: nginx /
Resource Hash: 913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/sites/all/themes/colorfulness_theme/style.css?v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Tue, 29 Jul 2008 14:30:02 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Content-Type: image/gif

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

228ms
63ms

Script
text/javascript

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 08 Aug 2023 07:45:00 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2195
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 08 Aug 2023 09:45:00 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/ Frame A224 10 KB
5 KB 191ms
61ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 5962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 06:42:13 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 06:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rsc.php Show response
rbnt.org/ Frame 3B05
Redirect Chain

http://t02.rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052
https://rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052
https://rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052&csc=1

20 B
521 B

64ms
63ms

Script
text/javascript

148.251.159.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbnt.org/rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052&csc=1

Requested by

Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893

Protocol

HTTP/1.1

Server

148.251.159.22 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.22.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Strict-Transport-Security: max-age=0
Content-Encoding: gzip
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:35 GMT
Strict-Transport-Security: max-age=0
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=UTF-8
Location: /rsc.php?mode=bu&pkey=4ac0e82e6c07f71ddb00a3d567c38488&scr=1&p=advmaker&callback=AdvMakerMyragon&sitename=39052&csc=1
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

aotm.js Show response
sync.dmp.otm-r.com/match/ Frame 3B05
Redirect Chain

http://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js

0
69 B

191ms
61ms

Script
text/plain

138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: H2
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx/1.17.4

Redirect headers

Location: https://sync.dmp.otm-r.com/match/aotm.js
Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: nginx/1.17.10
Connection: keep-alive
Content-Length: 170
Content-Type: text/html

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame 3B05
Redirect Chain

http://x.instreamatic.com/v2/mark/787.gif
https://x.instreamatic.com/v2/mark/787.gif
https://ad.mail.ru/cm.gif?p=66&id=0d90baee0102150a

43 B
764 B

413ms
102ms

Image
image/gif

2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=66&id=0d90baee0102150a
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 08 Aug 2023 14:21:36 GMT

Redirect headers

Location: https://ad.mail.ru/cm.gif?p=66&id=0d90baee0102150a
Date: Tue, 08 Aug 2023 08:21:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK banner Show response
am15.net/ssp/ Frame 0C7A 729 B
648 B 84ms
83ms Document
text/html 95.216.240.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_x293n&bid=be3cc12b-905d-4f0a-8a1a-6cb8a17609d8
Requested by: Host: am15.net
URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbDyI_x293n&site=39052&height=200&width=600&block=ambn44220&ref=http%3A%2F%2Fflines.ru%2F&title=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&js=1&time=1691482895&ctype=undefined
Protocol: HTTP/1.1
Server: 95.216.240.254 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.240.216.95.clients.your-server.de
Software: openresty /
Resource Hash: 224000b805a674988b4d7ba45131637c09a9561f827ffede9df18bde823693af

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
Transfer-Encoding: chunked

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%B...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%...

35 B
197 B

70ms
69ms

Image
image/gif

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&utmhid=765523353&utmr=-&utmp=%2F&utmht=1691482895290&utmac=UA-11493876-1&utmcc=__utma%3D162415467.1815878899.1691482895.1691482895.1691482895.1%3B%2B__utmz%3D162415467.1691482895.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1560230439&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145967978&utmhn=flines.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&utmhid=765523353&utmr=-&utmp=%2F&utmht=1691482895290&utmac=UA-11493876-1&utmcc=__utma%3D162415467.1815878899.1691482895.1691482895.1691482895.1%3B%2B__utmz%3D162415467.1691482895.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1560230439&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 13F5
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

5 KB
4 KB

100ms
100ms

Document
text/html

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: 0a5cb1e1065610673f85a27bb5352ae912795764a316b6c5b541059df2354175

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 08 Aug 2023 08:21:35 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Tue, 08 Aug 2023 08:21:35 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2

200

oci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/oci.js?t=1691482895338
https://www.acint.net/oci.js?t=1691482895338

31 KB
14 KB

101ms
100ms

Script
application/x-javascript

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1691482895338
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: 97f83d837c88230eb5cca8c25ef55b49525beef37ca13c1d7b6af17252f9879d

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:35 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 08:01:12 GMT
server: openresty
etag: W/"63bbc9c8-7dac"
content-type: application/x-javascript

Redirect headers

Location: https://www.acint.net/oci.js?t=1691482895338
Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%...
https://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20...

43 B
340 B

101ms
101ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&oE=1&oP=1&dT=2023-08-08T08%3A21%3A35.333&fu=1f4e0db9-5ed3-4849-b379-7e789c860501
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 08 Aug 2023 08:21:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=366398&u=http%3A%2F%2Fflines.ru%2F&r=&rs=1600x1200&t=%D0%9B%D0%B8%D0%BD%D0%B5%D0%B9%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%D0%BE%D0%B2%2C%20%D0%BB%D0%B8%D0%BD%D0%B5%D0%B5%D1%87%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B9%20%D1%81%D1%82%D0%BE%D0%BB&oE=1&oP=1&dT=2023-08-08T08%3A21%3A35.333&fu=1f4e0db9-5ed3-4849-b379-7e789c860501
Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 rlf.js Show response
cdn.adlook.me/js/ Frame 0C7A 73 KB
21 KB 894ms
144ms Script
application/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/js/rlf.js
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_x293n&bid=be3cc12b-905d-4f0a-8a1a-6cb8a17609d8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 4db4a06085d09c9492059b07dae0f9c6acd998c5a0eff738c81a55d61cc00cf7

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
last-modified: Mon, 05 Jun 2023 10:51:11 GMT
server: nginx
etag: "80b9eba39b97d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cached-since: 2023-08-08T08:14:25+00:00
content-type: application/javascript,application/javascript;charset=utf-8
cache: HIT
accept-ranges: bytes
content-length: 21498

GET
H/1.1 200
OK ambn.png
b.am15.net/ Frame 0C7A 6 KB
6 KB 175ms
83ms Image
image/png 95.216.224.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.am15.net/ambn.png
Requested by: Host: am15.net
URL: http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_x293n&bid=be3cc12b-905d-4f0a-8a1a-6cb8a17609d8
Protocol: HTTP/1.1
Server: 95.216.224.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.224.216.95.clients.your-server.de
Software: openresty /
Resource Hash: f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Fri, 06 Sep 2013 09:15:37 GMT
Server: openresty
ETag: "52299d39-18fb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6395

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 206ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=flines.ru&callback=_gfp_s_&client=ca-pub-1462358152931030

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1462358152931030&plah=flines.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d2b6767c1eeec6527b35c80396c6cf594c986cacb4533e05b9bb21f5bb87516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3EF 111 KB
39 KB 392ms
391ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=90&slotname=3958875260&adk=3102626627&adf=3135236955&pi=t.ma~as.3958875260&w=728&lmt=1691482893&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482894962&bpp=16&bdt=436&idt=532&shv=r20230803&mjsv=m202308020101&ptt=5&saldr=sa&abxe=1&correlator=5659033326546&frm=20&pv=2&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gyWO2tnR8J&p=http%3A//flines.ru&dtd=546

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68e2b1636cfdb420164f7df160652ff0dbece639bea93c175e28b92fb75906d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39900
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:35 GMT
expires: Tue, 08 Aug 2023 08:21:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0285 93 KB
36 KB 565ms
564ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=600&slotname=8520186874&adk=1604639398&adf=3459201735&pi=t.ma~as.8520186874&w=160&lmt=1691482893&format=160x600&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895146&bpp=2&bdt=620&idt=370&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1356&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AUuITisSzs&p=http%3A//flines.ru&dtd=373

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdc6a517565fca0fd219c019766714e5e1f48c7b15d997e6b83bc5faf8df67e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36652
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
expires: Tue, 08 Aug 2023 08:21:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7F49 104 KB
36 KB 828ms
828ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=200&slotname=4361553359&adk=883275230&adf=1422343706&pi=t.ma~as.4361553359&w=200&lmt=1691482893&format=200x200&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895148&bpp=2&bdt=622&idt=373&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=66&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=pVcMkWPVSk&p=http%3A//flines.ru&dtd=376

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6f1e3cc85c557f030fb35477d5877b517bf14eab65e067e4119e0aea1876fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://flines.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37070
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
expires: Tue, 08 Aug 2023 08:21:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.acint.net/oci/
Redirect Chain

http://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba
https://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba

43 B
224 B

99ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 08 Aug 2023 08:21:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/oci/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=822739&oid=e918f97047bc11db082c82b419bbe7ba
Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET 556d807310823b694772f699.js
static.weborama.io/ Frame 3B05 0
0

GET
H/1.1 200
OK smartPixel.min.js Show response
pixel.vihub.ru/smart/_pub/advmaker/dist/ Frame 3B05 9 KB
9 KB 128ms
61ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: HTTP/1.1
Server: 136.243.149.224 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Last-Modified: Wed, 26 Jul 2017 10:56:15 GMT
Server: nginx/1.12.2
ETag: "5978754f-232e"
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 9006

GET
H2

200

match
acint.net/ Frame 13F5
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=C7B803C10FFBD164B600069B02C4E88E

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=C7B803C10FFBD164B600069B02C4E88E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=C7B803C10FFBD164B600069B02C4E88E
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 13F5
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=1503420A0FFBD164211E941F0208C2A7
https://px.adhigh.net/p/cm/sape?u=1503420A0FFBD164211E941F0208C2A7&bounced=1
https://acint.net/match?dp=17&euid=LrOcGr0WDwm.AikABlGJ1Dy2Rg

43 B
269 B

103ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=LrOcGr0WDwm.AikABlGJ1Dy2Rg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=LrOcGr0WDwm.AikABlGJ1Dy2Rg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 13F5
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4510180606
https://www.acint.net/rmatch?dp=45&euid=ASekpCcqH69Vd92haq5ki6g&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A0FFBD164211E941F0208C2A7

42 B
201 B

98ms
97ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 08 Aug 2023 08:21:36 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420A0FFBD164211E941F0208C2A7
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 13F5 0
773 B 181ms
102ms Image
text/plain 2606:4700:3035::ac43:832e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:832e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5n1xt%2FhWTWSUYZAAJGQfrW6Xj56ZYVpX7TDCG%2BuVg9gNZVzrqnqo7If8ivN0Da4VthuqnxyDnJnRw%2F5dAByF5U4sDW3EUGxGeIduBX6jVfhjVXFWkAxfrzHC0%2BjlwotcePkANmu%2BttbYcY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 7f3658c29beb314b-MAD
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 13F5 0
281 B 286ms
150ms Image
text/plain 37.230.131.21
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=1503420A0FFBD164211E941F0208C2A7

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:35 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 512
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 13F5 3 KB
3 KB 403ms
99ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Last-Modified: Tue, 08 Aug 2023 08:04:13 GMT
Server: nginx
ETag: "64d1f6fd-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 13F5 0
68 B 112ms
109ms Image
text/plain 138.201.65.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx/1.17.4

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=41393fcc-04b4-4328-bb42-8c63dbb0336e

43 B
269 B

101ms
100ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=41393fcc-04b4-4328-bb42-8c63dbb0336e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=41393fcc-04b4-4328-bb42-8c63dbb0336e
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
acint.net/ Frame 13F5
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=1503420A0FFBD164211E941F0208C2A7
https://acint.net/match?dp=80&euid=sQycoa6SJ69Jojhs7dtj

43 B
269 B

109ms
100ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=80&euid=sQycoa6SJ69Jojhs7dtj
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=80&euid=sQycoa6SJ69Jojhs7dtj
date: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 13F5 42 B
201 B 407ms
96ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=BMCRBXCN

43 B
269 B

102ms
101ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=BMCRBXCN
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=BMCRBXCN
date: Tue, 08 Aug 2023 08:21:36 GMT
server: nginx/1.16.1
content-length: 74
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://sync.adspend.space/sape?uid=1503420A0FFBD164211E941F0208C2A7
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1
https://www.acint.net/match?dp=98&euid=80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1

43 B
269 B

102ms
100ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 08 Aug 2023 08:21:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, authorization
content-length: 102

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Ba2SUuCLdSJa

43 B
269 B

101ms
100ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Ba2SUuCLdSJa
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=Ba2SUuCLdSJa
Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 13F5
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=1503420A0FFBD164211E941F0208C2A7&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=1503420A0FFBD164211E941F0208C2A7&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=-8...
https://acint.net/match?dp=107&euid=b2dbdd81-d6f3-53dc-afd6-0693cb07fd83

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=b2dbdd81-d6f3-53dc-afd6-0693cb07fd83
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=b2dbdd81-d6f3-53dc-afd6-0693cb07fd83
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 13F5
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=1503420A0FFBD164211E941F0208C2A7&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=ad7a366ce0c34de0a993df056b8bbc6d

43 B
269 B

99ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=ad7a366ce0c34de0a993df056b8bbc6d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=ad7a366ce0c34de0a993df056b8bbc6d
date: Tue, 08 Aug 2023 08:21:35 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=1503420A0FFBD164211E941F0208C2A7
https://vma.mts.ru/match/second?ssp=30&exu=1503420A0FFBD164211E941F0208C2A7
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fmts-dsp-sync.rutarget.ru%2Fsync%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30...
https://mts-dsp-sync.rutarget.ru/sync?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D3%26ssp%3Dsegmento%26id%3D%24%7BRUTARGET_VISITOR_ID%7D
https://vma.mts.ru/em?next=30&em=3&ssp=segmento&id=Ba2SUuCLdSJa
https://www.acint.net/match?dp=125&euid=6f0c6979-db94-4a1d-930a-436df05ca88a

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=6f0c6979-db94-4a1d-930a-436df05ca88a
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=6f0c6979-db94-4a1d-930a-436df05ca88a
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=92d56e27-87eb-412c-7d7c-2cd5356ba479

43 B
269 B

102ms
101ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=92d56e27-87eb-412c-7d7c-2cd5356ba479
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=92d56e27-87eb-412c-7d7c-2cd5356ba479
date: Tue, 08 Aug 2023 08:21:36 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=1503420A0FFBD164211E941F0208C2A7
https://www.acint.net/match?dp=127&euid=Bj7Ghqur0MGyVilQuPod

43 B
269 B

101ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=Bj7Ghqur0MGyVilQuPod
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=Bj7Ghqur0MGyVilQuPod
date: Tue, 08 Aug 2023 08:21:36 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=ys9tl5cz01

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=ys9tl5cz01
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:36 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=ys9tl5cz01
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 9f7c601f-7d2b-4ff0-9728-0790378883d6
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 13F5 0
215 B 330ms
104ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 08:21:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame 13F5
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=1503420A0FFBD164211E941F0208C2A7
https://x01.aidata.io/0.gif?pid=9401454&id=1503420A0FFBD164211E941F0208C2A7&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=EC369CAC5FB5724C9D31&back=STOP

0
432 B

98ms
97ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=EC369CAC5FB5724C9D31&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Tue, 08 Aug 2023 08:21:35 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 08 Aug 2023 08:21:35 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=EC369CAC5FB5724C9D31&back=STOP
Date: Tue, 08 Aug 2023 08:21:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame 13F5
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7
https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7&chk=1

268 B
268 B

62ms
61ms

Image
application/javascript

188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 08 Aug 2023 08:21:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=1503420A0FFBD164211E941F0208C2A7&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 13F5
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=1503420A0FFBD164211E941F0208C2A7
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiQ9semBmIgMTUwMzQyMEEwRkZCRDE2NDIxMUU5NDFGMDIwOEMyQTeiARCXfOEWNcQR7rHaACWQyCQ3

0
523 B

58ms
57ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARiQ9semBmIgMTUwMzQyMEEwRkZCRDE2NDIxMUU5NDFGMDIwOEMyQTeiARCXfOEWNcQR7rHaACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Tue, 08 Aug 2023 08:21:36 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
ETag: 977ce116-35c4-11ee-b1da-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiQ9semBmIgMTUwMzQyMEEwRkZCRDE2NDIxMUU5NDFGMDIwOEMyQTeiARCXfOEWNcQR7rHaACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame 13F5
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=1503420A0FFBD164211E941F0208C2A7
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=977ce116-35c4-11ee-b1da-002590c82437
https://977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

57ms
57ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:37 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Tue, 08 Aug 2023 08:21:37 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

1503420A0FFBD164211E941F0208C2A7
an.yandex.ru/mapuid/sapeis/ Frame 13F5
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7
https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7?redir-setuniq=1

43 B
108 B

109ms
109ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 08 Aug 2023 08:21:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Aug 2023 08:21:36 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 08 Aug 2023 08:21:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/1503420A0FFBD164211E941F0208C2A7?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
H/1.1

200
OK

cm
nr.bidderstack.com/mts/ Frame 13F5
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=1503420A0FFBD164211E941F0208C2A7
https://nr.bidderstack.com/sape/cm?user_id=1503420A0FFBD164211E941F0208C2A7&pupa=1
https://sm.rtb.mts.ru/p?ssp=hyper&id=35aea82e-b97f-81ba-10e9-a5448dd2cdc3
https://vma.mts.ru/match/second?ssp=15&exu=35aea82e-b97f-81ba-10e9-a5448dd2cdc3
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D15%2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D15%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://vma.mts.ru/em?next=15&em=2&ssp=aidata&id=69xbgmtCo0m78DavYMOVRA
https://nr.bidderstack.com/mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a
https://nr.bidderstack.com/mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a&pupa=1

44 B
384 B

101ms
101ms

Image
image/gif

94.130.221.58
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a&pupa=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 94.130.221.58 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.58.221.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 08:21:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

Redirect headers

Location: /mts/cm?user_id=6f0c6979-db94-4a1d-930a-436df05ca88a&pupa=1
Access-Control-Allow-Origin: *
Date: Tue, 08 Aug 2023 08:21:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=1503420A0FFBD164211E941F0208C2A7
https://www.acint.net/match?dp=186&euid=74426a30-d662-43e5-903f-a93ccc70a78e

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=74426a30-d662-43e5-903f-a93ccc70a78e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=74426a30-d662-43e5-903f-a93ccc70a78e
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET cm
match.ohmy.bid/ Frame 13F5 0
0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 13F5 0
160 B 244ms
59ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:36 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Age: 0
Content-Length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7536/i/ Frame 13F5
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://www.acint.net/rmatch?dp=235&euid=NjBjM2RhYmU2OTk3ZjUxNg&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560
https://sync.programmatica.com/match/01?id=1503420A0FFBD164211E941F0208C2A7&fp=1642882560
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1691482897528&a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c

49 B
523 B

148ms
111ms

Image
image/gif

185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1691482897528&a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1691482897528&a=1051&e=NjBjM2RhYmU2OTk3ZjUxNg&i=1kbvyin3v3i7c
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

yabbi.gif
prodmp.ru/ Frame 13F5
Redirect Chain

https://adx.com.ru/sape-sync?uid=1503420A0FFBD164211E941F0208C2A7
https://adx.com.ru/sync?sspKey=25&sspUserID=1503420A0FFBD164211E941F0208C2A7
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D64d1fb11d41e060001184f86%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D64d1fb11d41e060001184f86%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D64d1fb11d41e060001184f86%26r%3D&webouid=TbJZnKUJx9UrOjvxgcGSvu
https://prodmp.ru/yabbi.gif?uid=64d1fb11d41e060001184f86&r=

0
229 B

301ms
97ms

Image
text/html

193.106.93.124
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/yabbi.gif?uid=64d1fb11d41e060001184f86&r=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html;charset=utf-8
date: Tue, 08 Aug 2023 08:21:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://prodmp.ru/yabbi.gif?uid=64d1fb11d41e060001184f86&r=
date: Tue, 08 Aug 2023 08:21:37 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
content-type: text/html; charset=utf-8
server: nginx/1.22.0
content-length: 86
p3p: CP="adx.com.ru does not have a P3P policy"

GET
H2

404

bwxpeduUSh2TCkNt8Fyoig
an.yandex.ru/setud/mts_banner/ Frame 13F5
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=1503420A0FFBD164211E941F0208C2A7
https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D2...
https://kimberlite.io/rtb/sync/buzzoola?u=48d26137-c9e6-4e53-4da7-605d9c319ee6&f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZNH7EaymJw0&n=1
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=Ba2SUuCLdSJa
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZNH7EaymJw0
https://vma.mts.ru/match/second?ssp=59&exu=ZNH7EaymJw0
https://tech.rtb.mts.ru/?dsp_uid=6f0c6979-db94-4a1d-930a-436df05ca88a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FbwxpeduUSh2TCkNt8Fyoig%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
https://an.yandex.ru/setud/mts_banner/bwxpeduUSh2TCkNt8Fyoig?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=762712589

43 B
176 B

116ms
116ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/bwxpeduUSh2TCkNt8Fyoig?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=762712589

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 08 Aug 2023 08:21:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 08 Aug 2023 08:21:39 GMT

Redirect headers

Date: Tue, 08 Aug 2023 08:21:39 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/bwxpeduUSh2TCkNt8Fyoig?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=762712589
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 13F5
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=1503420A0FFBD164211E941F0208C2A7
https://sync.dsp.solta.io/match/sape?id=1503420A0FFBD164211E941F0208C2A7&chk=1
https://www.acint.net/match?dp=260&euid=NzRiN2FhMzY4ODFmYTBkMA

43 B
269 B

100ms
99ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=NzRiN2FhMzY4ODFmYTBkMA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=NzRiN2FhMzY4ODFmYTBkMA
date: Tue, 08 Aug 2023 08:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 13F5 43 B
452 B 99ms
98ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=1503420A0FFBD164211E941F0208C2A7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:37 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 08 Aug 2023 14:21:37 GMT

GET
H2 200 set
sync.rambler.ru/ Frame 13F5 0
172 B 398ms
194ms Image
text/plain 91.192.150.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=1503420A0FFBD164211E941F0208C2A7

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:37 GMT
strict-transport-security: max-age=0
x-passed: 0bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK pixeljs Show response
dmp.vihub.ru/ Frame 3B05 1 KB
1 KB 179ms
62ms Script
application/javascript 136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dmp.vihub.ru/pixeljs?sa=17
Requested by: Host: pixel.vihub.ru
URL: http://pixel.vihub.ru/smart/_pub/advmaker/dist/smartPixel.min.js
Protocol: HTTP/1.1
Server: 136.243.149.224 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: 3effb8542983e0a8449a8bc89ad3e79da21934bc1bfd3d13c2a51558e929e240

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:35 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 1149
Content-Type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ Frame D3EF 14 KB
2 KB 225ms
69ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=90&slotname=3958875260&adk=3102626627&adf=3135236955&pi=t.ma~as.3958875260&w=728&lmt=1691482893&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482894962&bpp=16&bdt=436&idt=532&shv=r20230803&mjsv=m202308020101&ptt=5&saldr=sa&abxe=1&correlator=5659033326546&frm=20&pv=2&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gyWO2tnR8J&p=http%3A//flines.ru&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 07:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
DATA 200
OK truncated
/ Frame D3EF 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame D3EF 23 KB
9 KB 202ms
67ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BAE 143 B
166 B 64ms
60ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=90&slotname=3958875260&adk=3102626627&adf=3135236955&pi=t.ma~as.3958875260&w=728&lmt=1691482893&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482894962&bpp=16&bdt=436&idt=532&shv=r20230803&mjsv=m202308020101&ptt=5&saldr=sa&abxe=1&correlator=5659033326546&frm=20&pv=2&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=gyWO2tnR8J&p=http%3A//flines.ru&dtd=546
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame D3EF 3 KB
1 KB 208ms
76ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame D3EF 20 KB
8 KB 191ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:33:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3EF 179 KB
57 KB 238ms
71ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame D3EF 33 KB
14 KB 236ms
69ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H/1.1

200
OK

match
dmp.vihub.ru/ Frame 3B05
Redirect Chain

http://x01.aidata.io/0.gif?pid=VIHUB&id=5998a725-8e67-4027-b4c3-7beba71f53d9
http://x01.aidata.io/0.gif?pid=VIHUB&id=5998a725-8e67-4027-b4c3-7beba71f53d9&bounce=1
http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=

35 B
297 B

63ms
61ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: HTTP/1.1
Server: 136.243.149.224 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: fasthttp
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:36 GMT
Last-Modified: Tue, 08 Aug 2023 08:21:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: http://dmp.vihub.ru/match?sysid=ai&redir=no&uid=
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 08 Aug 2023 08:21:35 GMT

GET
H/1.1 200
OK ssp
sync.videonow.ru/ Frame 3B05 35 B
370 B 227ms
107ms Image
image/gif 212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sync.videonow.ru/ssp?dsp=16&uuid=5998a725-8e67-4027-b4c3-7beba71f53d9
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: HTTP/1.1
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:36 GMT
Server: nginx
X-Conn-Req: 1
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Conn-Id: 602673
X-Error: dsp disabled
Content-Length: 35

GET pixel.gif
sync.1dmp.io/ Frame 3B05 0
0

GET
H2

200

match
dmp.vihub.ru/ Frame 3B05
Redirect Chain

http://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=5998a725-8e67-4027-b4c3-7beba71f53d9
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5166553&bn=5166553&rnd=5998a725-8e67-4027-b4c3-7beba71f53d9
https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ASekpCcqH69Vd92haq5ki6g

35 B
192 B

256ms
61ms

Image
image/gif

136.243.149.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.vihub.ru/match?sysid=adr&redir=no&uid=ASekpCcqH69Vd92haq5ki6g
Requested by: Host: am15.net
URL: http://am15.net/x/fpx.php?upst=j9ouyBm.sBbDyI_x293n&s=39052&t=bn&rand=955754893
Protocol: H2
Server: 136.243.149.224 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.149.243.136.clients.your-server.de
Software: fasthttp /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
server: fasthttp
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 08:21:36 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: text/html
Location: //dmp.vihub.ru/match?sysid=adr&redir=no&uid=ASekpCcqH69Vd92haq5ki6g
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2BAE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

78ms
76ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
expires: Tue, 08 Aug 2023 08:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 13F5 16 KB
16 KB 198ms
197ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=301104872953742
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Last-Modified: Tue, 08 Aug 2023 08:04:13 GMT
Server: nginx
ETag: "64d1f6fd-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

GET
H2 200 10423327149975865548
tpc.googlesyndication.com/daca_images/simgad/ Frame 0285 87 KB
87 KB 117ms
116ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10423327149975865548

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=600&slotname=8520186874&adk=1604639398&adf=3459201735&pi=t.ma~as.8520186874&w=160&lmt=1691482893&format=160x600&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895146&bpp=2&bdt=620&idt=370&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1356&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AUuITisSzs&p=http%3A//flines.ru&dtd=373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39da92f47fafb43a17390709be8bce1ba238d0adb5dbadb1c9f5d20f34249324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:01:29 GMT
x-content-type-options: nosniff
age: 246007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88929
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 09:05:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 12:01:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame 0285 23 KB
9 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB30 143 B
166 B 62ms
60ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=600&slotname=8520186874&adk=1604639398&adf=3459201735&pi=t.ma~as.8520186874&w=160&lmt=1691482893&format=160x600&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895146&bpp=2&bdt=620&idt=370&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1356&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=AUuITisSzs&p=http%3A//flines.ru&dtd=373
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 0285 3 KB
1 KB 207ms
205ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 0285 20 KB
8 KB 208ms
207ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:33:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0285 179 KB
56 KB 202ms
177ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 0285 33 KB
13 KB 211ms
211ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

769651ed8ed763552ff527a25a5fa5a5ead5337270bd76b03eda1e4ee8e45e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13536
x-xss-protection: 0
server: cafe
etag: 530816353660834600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:35:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DB30
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

76ms
74ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
expires: Tue, 08 Aug 2023 08:21:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 08:21:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D3EF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866d270f009ea801391dbce675c4ac86510cdca863476efccdf35783e4cc4e22

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D3EF 33 KB
34 KB 236ms
73ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 271055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:04:01 GMT

GET
H2 200 cds.html Show response
cdn.adlook.me/u/ Frame 01E1 1 KB
2 KB 137ms
135ms Document
text/html 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/u/cds.html
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 8719a7a7e474f30d7a1d5dbf2ab97bbd73437c28ef567b410361540ad38c985e

Request headers

Referer: http://am15.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
cache: HIT
content-length: 1439
content-type: text/html
date: Tue, 08 Aug 2023 08:21:36 GMT
etag: "207a2dfe136cd61:0"
last-modified: Thu, 06 Aug 2020 17:06:57 GMT
server: nginx
x-cached-since: 2023-08-08T08:19:19+00:00
x-id: m9-up-gc91
x-powered-by: ASP.NET

GET
H2 200 rlf.css
cdn.adlook.me/css/ Frame 0C7A 2 KB
2 KB 136ms
133ms Stylesheet
text/css 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adlook.me/css/rlf.css?1.4
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 99956dd0176eb7a7bd68cf621287c4b200ec827b0254c38f276f58070012821d

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-id: m9-up-gc91
date: Tue, 08 Aug 2023 08:21:36 GMT
last-modified: Thu, 30 Mar 2023 10:46:31 GMT
server: nginx
etag: "a2d6aee3f462d91:0"
x-powered-by: ASP.NET
x-cached-since: 2023-08-08T08:14:22+00:00
content-type: text/css
cache: HIT
accept-ranges: bytes
content-length: 2276

GET
H2 200 css
fonts.googleapis.com/ Frame 7F49 6 KB
779 B 71ms
69ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1462358152931030&output=html&h=200&slotname=4361553359&adk=883275230&adf=1422343706&pi=t.ma~as.4361553359&w=200&lmt=1691482893&format=200x200&url=http%3A%2F%2Fflines.ru%2F&wgl=1&dt=1691482895148&bpp=2&bdt=622&idt=373&shv=r20230803&mjsv=m202308020101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&prev_slotnames=3958875260&correlator=5659033326546&frm=20&pv=1&ga_vid=1815878899.1691482895&ga_sid=1691482895&ga_hid=765523353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=66&ady=363&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759837%2C44759927%2C31076511%2C31076686%2C31076688&oid=2&pvsid=2172235896029367&tmod=183745331&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=pVcMkWPVSk&p=http%3A//flines.ru&dtd=376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 07:03:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame 7F49 23 KB
9 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 7F49 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:32:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:32:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 7F49 20 KB
8 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:33:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F49 179 KB
56 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 08:21:36 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 7F49 33 KB
14 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 vast Show response
ads.adlook.me/ Frame 0C7A 2 B
207 B 91ms
91ms XHR
application/json 5.200.43.243
ITGRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adlook.me/vast?id=8526&w=600&h=338&mult=1&rw=0&ref=&loc=http%3A%2F%2Fflines.ru&top=http%3A%2F%2Fflines.ru&_ts=1691482896452
Requested by: Host: cdn.adlook.me
URL: https://cdn.adlook.me/js/rlf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.200.43.243 , Russian Federation, ASN48096 (ITGRAD, RU),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://am15.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: http://am15.net
date: Tue, 08 Aug 2023 08:21:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
content-length: 2
content-type: application/json

GET
DATA 200
OK truncated
/ Frame 0285 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12b75770d9b7baa45de8c398c7c4e9e69a717a1688528cc3dacd73eeef417c7f

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7F49
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Z5eD_vRZMaOKaWptOUPurWdmArRkszjcdnB88mlEWQQASDhl6cKYNW11wKgAY7k2foCyAEJqQJrP7mK22uyPqgDAcgDywSqBOsBT9DlVJLMofHcUdlj5p1trtm46fwNoLDa8CM7XUOmJBm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211541977589356011671%22,%22debug_reporting%22:true,%22destination%22:%22https://tamayoycia.com%22,%22event_report_window%2...

0
0

214ms
93ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211541977589356011671%22,%22debug_reporting%22:true,%22destination%22:%22https://tamayoycia.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22794194446%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22521989245959989057%22}&andc=true

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11541977589356011671","debug_reporting":true,"destination":"https://tamayoycia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["794194446"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"521989245959989057"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 08:21:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11541977589356011671","debug_reporting":true,"destination":"https://tamayoycia.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["794194446"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"521989245959989057"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/16788818949103116114/ Frame 7F49 57 KB
57 KB 150ms
149ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16788818949103116114/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d356fb1eaa5f5587b51697044216e99700fafab5f55a917b99f33a83cf6e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58469
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 13:49:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 08:21:36 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8987898145126679071/ Frame 7F49 2 KB
2 KB 60ms
60ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8987898145126679071/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f60ec73d058044894a27176e2f23d9a98100490b77128d7dbcfaddcb0adf18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 03:33:12 GMT
x-content-type-options: nosniff
age: 17304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1713
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 13:49:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Aug 2024 03:33:12 GMT

GET
DATA 200
OK truncated
/ Frame 7F49 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F49 15 KB
15 KB 62ms
62ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 360884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F49 15 KB
16 KB 73ms
73ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 240257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F49 15 KB
15 KB 85ms
85ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 320321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 15:22:55 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0285
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CU4ZBD_vRZMnXKJeRtOUPwrGyqA3NxMqHco2H5PPGEdSEu_uaAhABIOGXpwpg1bXXAqAB75f2vwPIAQKpAlzoT7uFcLI-qAMByAPJBKoEvQFP0Kl7sispCHLW17O8cdy43GRy4hmnzQmNC8q...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216598544324194815368%22,%22debug_reporting%22:true,%22destination%22:%22https://aramalikian.com%22,%22event_report_window%...

0
0

214ms
95ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216598544324194815368%22,%22debug_reporting%22:true,%22destination%22:%22https://aramalikian.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22939363311%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221121804736198065265%22}&andc=true

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16598544324194815368","debug_reporting":true,"destination":"https://aramalikian.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["939363311"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"1121804736198065265"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 08:21:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16598544324194815368","debug_reporting":true,"destination":"https://aramalikian.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["939363311"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"1121804736198065265"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D3EF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CeWm2D_vRZL_AItT2mLAP36ebiAPB2oLecYHm5_CKEaTn8u2VAhABIOGXpwpg1bXXAqAB1_-Z0wPIAQGpAlzoT7uFcLI-qAMByAPLBKoEuQFP0L0_4yjxPvfcxcDWjgKWiPa5r9kYqgIwzeJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214741035011184032420%22,%22debug_reporting%22:true,%22destination%22:%22https://infineon.com%22,%22event_report_window%22:...

0
0

210ms
91ms

Fetch
text/css

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214741035011184032420%22,%22debug_reporting%22:true,%22destination%22:%22https://infineon.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979795927%22],%224%22:[%2208-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222919094431712824049%22}&andc=true

Requested by

Host: flines.ru
URL: http://flines.ru/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14741035011184032420","debug_reporting":true,"destination":"https://infineon.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979795927"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"2919094431712824049"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 08:21:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 08:21:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14741035011184032420","debug_reporting":true,"destination":"https://infineon.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979795927"],"4":["08-08"],"6":["true"]},"priority":"500","source_event_id":"2919094431712824049"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 899E 37 KB
15 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 07:48:48 GMT

GET
H2 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 41A4 37 KB
14 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 07:48:48 GMT

GET
DATA 200
OK truncated
/ Frame 7F49 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00c4b5424189e864da7bdeda3e18e784377747cc166c0a2791a43c13d910ad0f

Request headers

accept-language: es-ES,es;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 241ms
92ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 08:21:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 165ms
93ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 08:21:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 164ms
94ms Preflight
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 08:21:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame CA42 37 KB
14 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 07:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 07:48:48 GMT

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 13F5
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=865564189053843.126518426461940&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up....
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1691482897568&i=865564189053843.126518426461940&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up...
https://top-fwz1.mail.ru/counter?id=3210372;pid=k3SiB4uiAsQADqd74Naj

43 B
876 B

309ms
100ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=k3SiB4uiAsQADqd74Naj

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:38 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=k3SiB4uiAsQADqd74Naj
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 13F5
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=865564189053843.357187976945468&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up:1503420A0FFBD164211E941F0208C2A7.sync:up....
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1691482897645&i=865564189053843.357187976945468&a=77&e=1503420A0FFBD164211E941F0208C2A7&pref=http%3A%2F%2Fflines.ru%2F&c=ss:77.up...
https://top-fwz1.mail.ru/counter?id=3210372;pid=.MTPT3YiRyAVLoV79jPI

43 B
872 B

256ms
101ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=.MTPT3YiRyAVLoV79jPI

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 08:21:38 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 08 Aug 2023 08:21:37 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=.MTPT3YiRyAVLoV79jPI
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F49 42 B
64 B 286ms
168ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgOXqm9tV8ZmnWg6Iu1-wiE4nH8G60hVF_uqGzCQtQYmUmweLYspNpMdVWkXkfeoYDL0jsBq9Sx8xkOiXoiidCCjgetAD2DHH0oyC_UJli91Ix2k4DFoq_UjwVwZryX-AwxW1w0GgTssZ7&sai=AMfl-YQeXH8-SDDpBw2Fa3C62iOwtQTjdh-C0cKp9EXyIY20uMPUUSGacpRjxQ6WLG3NyrARu9Hf_NYFCjwT&sig=Cg0ArKJSzFJN7fzkUgmpEAE&cid=CAQSGwBpAlJWQceDXrA9f2j2pJ75U_r6-hQTUcg_-xgB&id=lidar2&mcvt=1000&p=0,0,200,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=883275230&rs=2&la=0&cr=0&vs=4&r=v&rst=1691482895525&rpt=1153&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 08:21:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338
https://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338

43 B
224 B

100ms
100ms

Image
image/gif

193.3.184.135
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338
Requested by: Host: flines.ru
URL: http://flines.ru/
Protocol: H2
Server: 193.3.184.135 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv319.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://flines.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 08 Aug 2023 08:21:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.6.0&uid=175e8b84-cb7b-4eb7-bd41-f80870c26211&dp=10&tz=%2B00%3A00&nc=685056&dT=2023-08-08T08%3A21%3A38.338
Date: Tue, 08 Aug 2023 08:21:38 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.weborama.io
URL: http://static.weborama.io/556d807310823b694772f699.js

Domain: match.ohmy.bid
URL: https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

Domain: sync.1dmp.io
URL: http://sync.1dmp.io/pixel.gif?cid=5cf84683-2e0c-42f6-ad4f-7502fc73b092&pid=1c414efa-7700-4fed-9953-20c233fe626d&uid=5998a725-8e67-4027-b4c3-7beba71f53d9

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-20 13:51:22	Name: f Value: https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZNH7EaymJw0
kimberlite.io/rtb/sync	1970-01-20 13:51:22	Name: n Value: 3
.flines.ru/	1970-01-20 14:24:42	Name: SESS92683ef507a5fcf17d55f2d1f71f805d Value: kcij1njfgkc9i1o49n75oq19h3
flines.ru/	1969-12-31 23:59:59	Name: has_js Value: 1
.flines.ru/	1970-01-20 23:27:22	Name: __utma Value: 162415467.1815878899.1691482895.1691482895.1691482895.1
.flines.ru/	1969-12-31 23:59:59	Name: __utmc Value: 162415467
.flines.ru/	1970-01-20 18:14:10	Name: __utmz Value: 162415467.1691482895.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.flines.ru/	1970-01-20 13:51:23	Name: __utmt Value: 1
.flines.ru/	1970-01-20 13:51:24	Name: __utmb Value: 162415467.1.10.1691482895
flines.ru/	1970-01-20 23:27:22	Name: fid Value: 1f4e0db9-5ed3-4849-b379-7e789c860501
.yadro.ru/	1970-01-20 22:36:18	Name: FTID Value: 1aqViF084kOc1aqViF003Bqa
.rbnt.org/	1970-01-20 23:27:22	Name: bus Value: LHL45g2ucC7ZBLy52hmEQ1
.rbnt.org/	1970-01-20 13:51:22	Name: csc Value: 1
.acint.net/	1970-01-20 13:51:23	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 23:27:22	Name: aid Value: CkIDFWTR+w8flB4hp8IIAm7Aas6o5679hYb2nnMRByTbGH4s
.yadro.ru/	1970-01-20 22:36:18	Name: VID Value: 31yUx32GmRec1aqViF003GkV
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp14v4 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp17 Value: 1691482895
.acint.net/	1970-01-20 13:52:49	Name: cSyncDp45v4 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp53v3 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp62 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp67v2 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp68 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp71 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp80 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp85 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp95v3 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp98v2 Value: 1691482895
.acint.net/	1970-01-20 14:11:32	Name: cSyncDp104v2 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp107v1 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp110v2 Value: 1691482895
.acint.net/	1970-01-20 14:12:58	Name: cSyncDp125v3 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp126 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp127 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp129 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp136v2 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp146 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp148v1 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp149v2 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp151 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp178 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp186 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp217 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp221 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp235v1 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp239 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp243 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp260 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp244 Value: 1691482895
.acint.net/	1970-01-20 14:34:34	Name: cSyncDp248 Value: 1691482895
flines.ru/	1970-01-20 23:27:22	Name: _ac_oid Value: e918f97047bc11db082c82b419bbe7ba%3A1691486495668
.flines.ru/	1970-01-20 23:12:58	Name: __gads Value: ID=2bf1c7f48ceab9ea-223de8954cde00a5:T=1691482895:RT=1691482895:S=ALNI_MZAAc8SdPG6ze4aNhTPm_bYNJmqZw
.flines.ru/	1970-01-20 23:12:58	Name: __gpi Value: UID=00000c50459e66f9:T=1691482895:RT=1691482895:S=ALNI_MZg7FQBqWEdROvUshTDyC5KcJwj0g
.instreamatic.com/	1970-01-20 23:27:22	Name: uns Value: ISZJXWRCYJXK
.utraff.com/	1970-01-20 14:34:42	Name: preutid Value: 1
.upravel.com/	1970-01-20 13:51:23	Name: session_tptc Value: 1691482895877
.ccsyncuuid.net/	1970-01-20 22:36:58	Name: jcsuuid Value: sQycoa6SJ69Jojhs7dtj
.ssp-rtb.sape.ru/	1970-01-20 23:27:22	Name: sspuid Value: wQO4x2TR+w+bBgC2jujEArRWqBvTU8dp48Co5ZEzb89FKNWn
.adhigh.net/	1970-01-20 22:36:58	Name: gi_u Value: LrOcGr0WDwm.AikABlGJ1Dy2Rg
.upravel.com/	1970-01-20 23:27:22	Name: user_id Value: 41393fcc-04b4-4328-bb42-8c63dbb0336e
.adhigh.net/	1970-01-20 22:36:58	Name: sape_sync Value: LLLG
.adriver.ru/	1970-01-20 23:27:22	Name: cid Value: ASekpCcqH69Vd92haq5ki6g
sync.adspend.space/	1970-01-20 22:36:58	Name: as-user Value: 80de8f1f-46e6-4260-acd0-f9e9d0c3b3d1
.uuidksinc.net/	1970-01-20 22:36:58	Name: jcsuuid Value: Bj7Ghqur0MGyVilQuPod
.rutarget.ru/	1970-01-20 18:10:34	Name: userId Value: Ba2SUuCLdSJa
.doubleclick.net/	1970-01-20 13:51:26	Name: DSID Value: NO_DATA
.mts.ru/	1970-01-20 22:24:01	Name: dspid Value: 6f0c6979-db94-4a1d-930a-436df05ca88a
.betweendigital.com/	1970-01-20 22:36:58	Name: dc Value: was1
.betweendigital.com/	1970-01-20 22:36:58	Name: tuuid Value: b2dbdd81-d6f3-53dc-afd6-0693cb07fd83
.betweendigital.com/	1970-01-20 22:36:58	Name: ss Value: 1
.bidvol.com/	1970-01-20 23:27:22	Name: bvuid Value: ys9tl5cz01
.betweendigital.com/	1970-01-20 22:36:58	Name: ut Value: ZNH7EAAIZHD_R3wxziWIPL9r7UYgrgdPLroLOg==
.doubleclick.net/	1970-01-20 23:12:58	Name: IDE Value: AHWqTUn91Ozsf_q_y92LMpkyjMX9AT0VWwPO1Uj2vRrvyJkCh0ApbxQNY41A4krLc7I
.aidata.io/	1970-01-20 23:27:22	Name: __upin Value: 69xbgmtCo0m78DavYMOVRA
.aidata.io/	1970-01-20 23:27:22	Name: __upints Value: 1691482896
.bumlam.com/	1970-01-20 23:27:22	Name: suuid3 Value: IiQ5NzdjZTExNi0zNWM0LTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
x01.aidata.io/	1970-01-20 13:55:42	Name: livin Value: 1
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.yandex.ru/	1970-01-20 23:27:22	Name: yuidss Value: 3962179981691482896
.yandex.ru/	1970-01-20 23:27:22	Name: yandexuid Value: 3962179981691482896
.gonet-ads.com/	1970-01-20 22:38:25	Name: pid Value: Mzc0OTEzMTBkYTYxYWNhNw
.agency2.ru/	1970-01-20 22:24:01	Name: uuid Value: 74426a30-d662-43e5-903f-a93ccc70a78e
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.googleadservices.com/	1970-01-20 16:00:58	Name: ar_debug Value: 1
.programmatica.com/	1970-01-20 23:27:22	Name: pid Value: NjBjM2RhYmU2OTk3ZjUxNg
.mts.ru/	1970-01-20 23:27:22	Name: mts_id_last_sync Value: 1691482897
.adx.com.ru/	1970-01-20 22:36:58	Name: user Value: 64d1fb11d41e060001184f86
kimberlite.io/	1970-01-20 16:00:58	Name: u Value: ZNH7EaymJw0~348fjCg064Ys9b_j0FhthZX-DWY
.mts.ru/	1970-01-20 23:27:22	Name: mts_id Value: 50888342-fdbd-4314-8d1c-040422621e77
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.dsp.solta.io/	1970-01-20 23:27:22	Name: pid Value: NzRiN2FhMzY4ODFmYTBkMA
.weborama.fr/	1970-01-20 23:17:18	Name: AFFICHE_W Value: hC859h1D@X6E69
.dmg.digitaltarget.ru/	1970-01-20 23:27:22	Name: viuserid Value: .MTPT3YiRyAVLoV79jPI
prodmp.ru/	1970-01-20 16:00:58	Name: rai Value: ce6cb62ceec8d2229db521c678722736
.mail.ru/	1970-01-20 22:38:25	Name: VID Value: 1luuu20Cb62J002CW_1oy4IJ:::0-0-0-9ec53d0:CAASEF0is6ctW4zpsjFO1Hij-1caYLfDXutUxUqRYmf2HeFOR2-p_YmA7sskbAUhFJr14ZT63wDhHvf4sHEGEXbamZNV2z-Okefee1q2wvpOuUKdA5BrthXONLvzKc2g_QJxC3KQ8IR7owCANc139kESMHZE2A

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://flines.ru/(Line 278) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://flines.ru/(Line 278) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.telderi.ru/uploads/promote/33/33f41ae461f1ea2e92597f884fdb0ca3.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://static.weborama.io/556d807310823b694772f699.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://an.yandex.ru/setud/mts_banner/bwxpeduUSh2TCkNt8Fyoig?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=762712589 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

977ce116-35c4-11ee-b1da-002590c82437.n4.sync.bumlam.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adx.com.ru
am15.net
an.yandex.ru
b.am15.net
cdn.adlook.me
counter.yadro.ru
cs.agency2.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.vihub.ru
ev.adriver.ru
exchange.buzzoola.com
flines.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kimberlite.io
match.new-programmatic.com
match.ohmy.bid
mts-dsp-sync.rutarget.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.bumlam.com
pixel.vihub.ru
prodmp.ru
px.adhigh.net
rbnt.org
redirect.frontend.weborama.fr
s.ccsyncuuid.net
s.uuidksinc.net
sape-sync.rutarget.ru
sm.rtb.mts.ru
solta-sync.rutarget.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
static.weborama.io
sync.1dmp.io
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.programmatica.com
sync.rambler.ru
sync.upravel.com
sync.videonow.ru
t02.rbnt.org
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
vma.mts.ru
www.acint.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.telderi.ru
x.instreamatic.com
x01.aidata.io
match.ohmy.bid
static.weborama.io
sync.1dmp.io
136.243.149.224
138.201.65.68
142.132.138.213
148.251.159.22
148.251.236.118
159.69.142.212
159.69.59.100
167.235.117.41
185.147.80.35
185.15.175.145
185.15.175.174
185.40.31.214
188.120.241.43
188.42.105.236
188.72.109.103
193.106.93.124
193.3.184.135
193.3.184.219
194.190.76.38
195.209.108.49
195.209.108.50
195.209.108.56
212.76.129.182
212.76.131.50
213.87.44.187
216.58.212.130
217.199.220.44
217.65.2.150
217.66.147.35
23.111.107.44
2606:4700:20::681a:3c2
2606:4700:3035::ac43:832e
2a00:1148:db00::17
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a02:6b8::90
2a11:27c0::93
31.172.81.158
31.172.81.159
31.220.27.134
35.190.24.218
37.230.131.21
45.9.24.193
46.243.172.93
46.254.17.231
5.200.43.243
51.250.21.242
65.109.65.188
77.245.57.72
81.222.128.214
83.222.117.2
88.212.202.52
89.108.119.28
89.108.120.68
91.192.150.52
94.130.221.58
94.228.127.171
95.163.52.67
95.216.224.48
95.216.240.254
96.46.183.20
00c4b5424189e864da7bdeda3e18e784377747cc166c0a2791a43c13d910ad0f
05829f2f9ed5152b6c01beed29fb0d848c9d6a3e07cbc3b0faedab8add37169e
0a5cb1e1065610673f85a27bb5352ae912795764a316b6c5b541059df2354175
0d2b6767c1eeec6527b35c80396c6cf594c986cacb4533e05b9bb21f5bb87516
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b75770d9b7baa45de8c398c7c4e9e69a717a1688528cc3dacd73eeef417c7f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
21b82e2818317d8154b0015d7a606c590429a8645c79d2f90922449c805a2fd9
224000b805a674988b4d7ba45131637c09a9561f827ffede9df18bde823693af
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
250ddfcd64220de2e1d8e2961a095f1c8538b5ead3358bd2d1aaf7cd05f06c5c
26dc134dd8f00285c940e0f09f2006213423f5053cad89c31fa4c5af039ce50e
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30d356fb1eaa5f5587b51697044216e99700fafab5f55a917b99f33a83cf6e08
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3271186537c73dc9314f5baf36124165a2534dd2fe251c529c4ca7f3ac882aa2
36273eefecf92422ef4ed8271bd027cacb855fcf437390d41f8ce7216b2e912f
37dbbc0da918410d4fd1662e1534f3389b603a7c95dfedf3a97049a6713ea42d
39da92f47fafb43a17390709be8bce1ba238d0adb5dbadb1c9f5d20f34249324
3effb8542983e0a8449a8bc89ad3e79da21934bc1bfd3d13c2a51558e929e240
4043017d4cb2caa320dd22feb81c39d5b00041d6c0a7e383c8b776e93e72429d
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
4db4a06085d09c9492059b07dae0f9c6acd998c5a0eff738c81a55d61cc00cf7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5874033e2e3a34ae30303dbab3f29e99e0cd360c2420b01b48676ad4d09b20fa
5b26f9b01ab954e34183dfc334fa74accdc21417549ac1987be609d576ee6caa
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
675635adeabcc950282b70067beaa95053788a65abf25f9293fd42e97307c365
68e2b1636cfdb420164f7df160652ff0dbece639bea93c175e28b92fb75906d5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0d4f3b369f75dc2b8f203a586bda1030d1f941d57b99483da7e289b24c538a
6fa0e98811e3ed03bb01a98f757980dd16c8ea494fd207e50e9cc88534cedbe1
7143219fc14098ea9366ce4041f1c71796379ade6457cf5571dbb7e52b3cd7ba
769651ed8ed763552ff527a25a5fa5a5ead5337270bd76b03eda1e4ee8e45e8c
79cd557d6d9f52f12657ec3b469ee3692920720af96b573d591d44c45914788c
7ba484f4dc7004aafba6c06213ac871d9eace0003f36af00fa7f4247f30816aa
7cb6bb2d1fcc4440a2bc17d268db1ddd407e93726f539f44cb4e529363b8c383
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
866d270f009ea801391dbce675c4ac86510cdca863476efccdf35783e4cc4e22
8719a7a7e474f30d7a1d5dbf2ab97bbd73437c28ef567b410361540ad38c985e
8a61e7d6f5bc31a574a9be1cd598d764b7d454c8c7950c83541faff7579f52f8
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90156872997ef6f3d3822208cfab2bc10ae3ba41d339f4dfbee588e3366a1674
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
9461fbdce530c7c54dc8f95c4ccca8678d912420c1451adfb62f6c0811770dae
97f83d837c88230eb5cca8c25ef55b49525beef37ca13c1d7b6af17252f9879d
99956dd0176eb7a7bd68cf621287c4b200ec827b0254c38f276f58070012821d
9a4d4b0095f5dfd9adf1a509029b110a24bfc96c1cf3273c6d59718563e4c7db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9c2e256025363e72b6eba89baeee3e42941df4395891a35dcc669c03e14d39ee
a0b8a4bd74d499ebe2edff4a450b545c8d1ab98433f37cf3976cd5d974cf768d
a72f6e287ccbd8e44f5f415148688ca4cc0abddd57e0b14e62560eb7e3152397
aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abbe7009fae4258ae9a3541a99174f0f677d920c5111eadf5d455eadcd02126b
c79702613b0eea39823b86fb964855dca2909136dda3ede5d68d5a851a83804b
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d394943f23c6995ae4f92fa38deb1d61ab0166e155faac6e061ea2c65c85cc9a
d71c4ede4adb08cee902dd2a598461fb2c8e1057bed997f705ddaaf29cc81de2
e2f60ec73d058044894a27176e2f23d9a98100490b77128d7dbcfaddcb0adf18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e963c1ca7015609dc039e072491493f645d8990a446457a447b76b19c3c043a7
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f1e3cc85c557f030fb35477d5877b517bf14eab65e067e4119e0aea1876fab
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8ef0068a018e69ac5f56505d59a2fa3acf3916b0040fa3a28301b39daf6bc19
fd7ba7b9571406a40e33dabe1f0b5eb9a8b95541cb30078c03f7500ea4bf9f26
fdc6a517565fca0fd219c019766714e5e1f48c7b15d997e6b83bc5faf8df67e4

flines.ru Open in urlscan Pro 46.254.17.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

42 %HTTPS

22 %IPv6

54 Domains

72 Subdomains

40 IPs

7 Countries

1084 kBTransfer

2424 kBSize

95 Cookies

5 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flines.ru Open in urlscan Pro
46.254.17.231 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

42 %
HTTPS

22 %
IPv6

54
Domains

72
Subdomains

40
IPs

7
Countries

1084 kB
Transfer

2424 kB
Size

95
Cookies

136 HTTP transactions
5 data transactions