www.binetti.ru Open in urlscan Pro
37.140.192.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://binetti.ru/
Effective URL:
http://www.binetti.ru/
Submission: On October 07 via api (October 7th 2022, 12:02:50 am UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 49 domains to perform 124 HTTP transactions. The main IP is 37.140.192.226, located in Russian Federation and belongs to AS-REG, RU. The main domain is www.binetti.ru.

This is the only time www.binetti.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	37.140.192.226 37.140.192.226	197695 (AS-REG) (AS-REG)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
6 22	157.90.179.28 157.90.179.28	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.217 193.3.184.217	50214 (QWARTA) (QWARTA)
2 2	193.232.150.70 193.232.150.70	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
2 2	195.209.108.36 195.209.108.36	52007 (ADRIVER-AS) (ADRIVER-AS)
2	195.209.111.7 195.209.111.7	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3032::6815:3b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.82.46 23.88.82.46	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	138.201.65.74 138.201.65.74	24940 (HETZNER-AS) (HETZNER-AS)
3 3	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	87.242.93.112 87.242.93.112	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2 2	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	168.119.8.212 168.119.8.212	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.236.88 65.108.236.88	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2 2	142.132.209.138 142.132.209.138	24940 (HETZNER-AS) (HETZNER-AS)
1 2	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	148.251.217.100 148.251.217.100	24940 (HETZNER-AS) (HETZNER-AS)
1	139.45.228.100 139.45.228.100	9002 (RETN-AS) (RETN-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
6	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
4 4	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
11	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400d:80c::2006	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:f70... 2a02:26f0:f700:2ae::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
124	37

15 37.140.192.226 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: server69.hosting.reg.ru

binetti.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.binetti.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 157.90.179.28 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1487986.sapientru.net

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.217 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.70 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.36 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.7 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
PTR: ssp2.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.82.46 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.82.88.23.clients.your-server.de

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.133 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.236.118 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.93.112 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr15.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.33 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.8.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.8.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.236.88 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.236.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.209.138 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.138.209.132.142.clients.your-server.de

dmp.gotechnology.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.159 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.217.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.217.251.148.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.100 (Russian Federation)

ASN9002 (RETN-AS, GB)
PTR: serv20.mt.viaprog.eu

mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.134 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400d:80c::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f700:2ae::4469 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	acint.net 6 redirects www.acint.net — Cisco Umbrella Rank: 19593 acint.net — Cisco Umbrella Rank: 15755	18 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	361 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	220 KB
15	binetti.ru 1 redirects binetti.ru www.binetti.ru	187 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	105 KB
7	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 304 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	78 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 73779 dmg.digitaltarget.ru — Cisco Umbrella Rank: 13997	22 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 704 tps.doubleverify.com — Cisco Umbrella Rank: 712 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9324	109 KB
4	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 2472	1 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 12742 ssp.adriver.ru — Cisco Umbrella Rank: 14638	2 KB
4	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2616	2 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 11119	1 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 20961 tech.rtb.mts.ru — Cisco Umbrella Rank: 21550	2 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 19601 fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com	2 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 5894 top-fwz1.mail.ru — Cisco Umbrella Rank: 5365	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	89 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 136	671 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5221	914 B
2	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 3953	1 KB
2	gotechnology.io 2 redirects dmp.gotechnology.io — Cisco Umbrella Rank: 33599	611 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9297	510 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 40002	679 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12004	815 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11418	827 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	645 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 4816	109 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 55940	753 B
1	mediatoday.ru mediatoday.ru — Cisco Umbrella Rank: 65026	367 B
1	bidderstack.com nr.bidderstack.com — Cisco Umbrella Rank: 21364	351 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5532	287 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 29706	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 26151	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 17767	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3931	206 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 11852	176 B
1	beeline.ru 1 redirects 1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 34593	186 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 118975	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 38204	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 106965	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 137470	109 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 12047	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 13378	239 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 37789	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 31854	785 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 18731	633 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
0	advarkads.com Failed s3.advarkads.com Failed
0	cloudfront.net Failed d31j93rd8oukbv.cloudfront.net Failed
124	49

	Domain	Requested by
18	www.acint.net	6 redirects www.binetti.ru www.acint.net
17	s0.2mdn.net	www.binetti.ru s0.2mdn.net
14	www.binetti.ru	www.binetti.ru
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www.binetti.ru tpc.googlesyndication.com
10	pagead2.googlesyndication.com	www.binetti.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dmg.digitaltarget.ru	4 redirects
4	an.yandex.ru	2 redirects www.acint.net
4	acint.net	www.acint.net
4	ads.betweendigital.com	2 redirects www.acint.net
3	x01.aidata.io	2 redirects www.acint.net
2	cdn.doubleverify.com	s0.2mdn.net www.binetti.ru
2	www.googletagservices.com	googleads.g.doubleclick.net
2	top-fwz1.mail.ru	www.acint.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	sync.bumlam.com	1 redirects www.acint.net
2	dmp.gotechnology.io	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	googleads4.g.doubleclick.net	www.binetti.ru
1	www.gstatic.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	mediatoday.ru	www.acint.net
1	nr.bidderstack.com	www.acint.net
1	counter.yadro.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	www.acint.net
1	fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	fonts.googleapis.com	www.binetti.ru
1	binetti.ru	1 redirects
0	s3.advarkads.com Failed	www.acint.net
0	d31j93rd8oukbv.cloudfront.net Failed	www.binetti.ru
124	62

This site contains links to these domains. Also see Links.

Domain
gozdiploma.com
classiccarsbay.com
socolive1.com

Subject Issuer	Validity	Valid
*.acint.net R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
new-programmatic.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2021-11-18` - `2022-12-20`	a year	crt.sh
mediatoday.ru R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://www.binetti.ru/
Frame ID: B74D2FAC5A8CBB2AFDA3E96B711EA983
Requests: 39 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 029557CA4109A65921A2290FC47D8029
Requests: 39 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=1CB35A9DA56C3F63FD002206027E0159
Frame ID: B3965A350C0F719ED763B61B2569895C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: 8FF87A28B6F6367535E5D70B84475FE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&h=600&slotname=5573466918&adk=3456431468&adf=1572408509&pi=t.ma~as.5573466918&w=300&fwrn=4&fwrnh=100&lmt=1665100965&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.binetti.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1665100965146&bpp=4&bdt=308&idt=194&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=2839911320933&frm=20&pv=2&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=90&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HZqNpx4HQt&p=http%3A//www.binetti.ru&dtd=210
Frame ID: C5AE0BBB10BE6CE349322496CD40A839
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&adk=1812271804&adf=3025194257&lmt=1665100965&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.binetti.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1665100965160&bpp=2&bdt=321&idt=202&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=2839911320933&frm=20&pv=1&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=205
Frame ID: 3AB898CE3B97AF8226C3D8A7A9E9E888
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js
Frame ID: 3E11AEA792E8D5F44887596C22083F4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 924FF52E99408AEB781AD9CC4C3C43FC
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50BB1CD4C22029AF93F6BA2FC3018C3F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
Frame ID: 5F6670BA1AA9B42CACDA7311F24E6CC0
Requests: 16 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: C95EEFD3F3B8264E77AB2D659F249DB5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Электронная библиотека Marco Binetti - Теология, философия, филология, история

Page URL History Show full URLs

http://binetti.ru/ HTTP 301
http://www.binetti.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

124
Requests

56 %
HTTPS

25 %
IPv6

49
Domains

62
Subdomains

37
IPs

8
Countries

1196 kB
Transfer

2971 kB
Size

77
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://gozdiploma.com/
Title: купить дипломы

Search URL Search Domain Scan URL

URL: https://classiccarsbay.com/
Title: this

Search URL Search Domain Scan URL

URL: https://socolive1.com/
Title: xem bong da

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://binetti.ru/ HTTP 301
http://www.binetti.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 26

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 27

http://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Marco%20Binetti%20-%20%D0%A2%D0%B5%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D1%81%D0%BE%D1%84%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F&oE=1&oP=1&dT=2022-10-07T00%3A02%3A45.084&fu=ad882dd4-9090-4b78-ac1e-98343563509e HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Marco%20Binetti%20-%20%D0%A2%D0%B5%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D1%81%D0%BE%D1%84%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F&oE=1&oP=1&dT=2022-10-07T00%3A02%3A45.084&fu=ad882dd4-9090-4b78-ac1e-98343563509e

Request Chain 28

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159&crf=1

Request Chain 29

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=86B803C1A56C3F638E00CE820288FA64

Request Chain 30

https://px.adhigh.net/p/cm/sape?u=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://px.adhigh.net/p/cm/sape?u=1CB35A9DA56C3F63FD002206027E0159&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=ux96fXSFqOeb.AikABlGDr8Bm6A

Request Chain 32

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154784242 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AXnBZ1G2g2bVHLXqDPrs26Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DA56C3F63FD002206027E0159

Request Chain 38

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=fa51c5ff-2b21-4eb9-b145-c6d649f2a279

Request Chain 40

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159

Request Chain 42

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=XVJUUGEF

Request Chain 43

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159&cs=1

Request Chain 44

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=qbm-57bYUeux

Request Chain 45

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=df73a830-aa57-5218-9fb0-475ffc8f2bfa

Request Chain 46

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=665422be12f24d1b9158bcf0d0b06fdf

Request Chain 47

https://1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DA56C3F63FD002206027E0159 HTTP 301
https://www.acint.net/match?dp=111&euid=bbaf28ef-9cb0-4aea-ba2c-5ac9b369b338

Request Chain 48

https://ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2163173532 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=sH3Wom2KWLhvguL/1wWXfu&noredirect

Request Chain 49

https://sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DA56C3F63FD002206027E0159 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DA56C3F63FD002206027E0159 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=9157dd0f-3a01-4a6b-ac6d-4ee1e62bf71b&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FkVfdDzoBSmusbU7h5iv3Gw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D789008300 HTTP 302
https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300 HTTP 302
https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300

Request Chain 50

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=064c584a-0d72-4818-7922-cb2d57b447a9

Request Chain 51

https://s.uuidksinc.net/match/396/?remote_uid=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://www.acint.net/match?dp=127&euid=gLJfWyFlZeed8tro7gIs

Request Chain 52

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=hf3dfhlmds

Request Chain 55

https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DA56C3F63FD002206027E0159&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 56

https://dmp.gotechnology.io/match/sape?id=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://dmp.gotechnology.io/match/sape?id=1CB35A9DA56C3F63FD002206027E0159&chk=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NWI5OWYzYmI5Zjg2YTEyNA

Request Chain 57

https://sync.bumlam.com/?src=sap1&uid=1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARil2f2ZBmIgMUNCMzVBOURBNTZDM0Y2M0ZEMDAyMjA2MDI3RTAxNTmiARBfO4DwRdMR7YbgACWQwGR8

Request Chain 58

https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159 HTTP 302
https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159?redir-setuniq=1

Request Chain 61

https://cs.agency2.ru/p?ssp=sp&uid=1CB35A9DA56C3F63FD002206027E0159 HTTP 301
https://www.acint.net/match?dp=186&euid=f556864d-c2eb-4a10-aed0-704ee03bdb2f

Request Chain 72

https://dmg.digitaltarget.ru/1/1093/i/i?i=752446228291494.460771563857251&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.sync:up.xdua:du4nTa2BJmcUdujH4NZ_DCHO.xps:xpsQk6mZBTbm5SXYgtuIwUVNa.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=752446228291494.460771563857251&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.sync:up.xdua:du4nTa2BJmcUdujH4NZ_DCHO.xps:xpsQk6mZBTbm5SXYgtuIwUVNa.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

Request Chain 73

https://dmg.digitaltarget.ru/1/1093/i/i?i=752446228291494.318464607184151&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.sync:up.xdua:du4nTa2BJmcUdujH4NZ_DCHO.xps:xpsQk6mZBTbm5SXYgtuIwUVNa.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=752446228291494.318464607184151&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.sync:up.xdua:du4nTa2BJmcUdujH4NZ_DCHO.xps:xpsQk6mZBTbm5SXYgtuIwUVNa.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

Request Chain 123

http://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087

124 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.binetti.ru/
Redirect Chain

http://binetti.ru/
http://www.binetti.ru/

57 KB
13 KB

1319ms
1254ms

Document
text/html

37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx / PHP/5.6.36
Resource Hash: bedf7b457c24d5b383eacc4e94e836c9379969e56b9b817f99d3d5482793a23f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Oct 2022 00:02:44 GMT
Link: <http://www.binetti.ru/wp-json/>; rel="https://api.w.org/"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 07 Oct 2022 00:02:43 GMT
Location: http://www.binetti.ru/
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK css
fonts.googleapis.com/ 11 KB
1 KB 75ms
43ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68b488221fba08c1279a8519975343e9d36180e35d4f3b64d6e311141fb4c275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Fri, 07 Oct 2022 00:02:44 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 07 Oct 2022 00:02:44 GMT

GET
H/1.1 200
OK main.min.css
www.binetti.ru/wp-content/themes/hueman/assets/front/css/ 84 KB
16 KB 93ms
53ms Stylesheet
text/css 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.11
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 6447865a0a68425a762220124ca7a15c54deff5fa7afb11d6d9a14d9d154a417

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2017 16:00:08 GMT
Server: nginx
ETag: W/"5921b988-150db"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
www.binetti.ru/wp-content/themes/hueman/ 2 KB
1 KB 80ms
40ms Stylesheet
text/css 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-content/themes/hueman/style.css?ver=3.3.11
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: fc358e62bfe8f3657156a35455f76ac0b6c0cfc9cca9427375c132a809271124

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2017 15:59:44 GMT
Server: nginx
ETag: W/"5921b970-88b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK font-awesome.min.css
www.binetti.ru/wp-content/themes/hueman/assets/front/css/ 30 KB
7 KB 88ms
46ms Stylesheet
text/css 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.11
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: cf68aada5a36baf3ac95c07dd53ebe86fe710856417dc3d48d28ecf9951913d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2017 16:00:08 GMT
Server: nginx
ETag: W/"5921b988-78ba"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK jquery.js Show response
www.binetti.ru/wp-includes/js/jquery/ 95 KB
33 KB 103ms
61ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 10:36:21 GMT
Server: nginx
ETag: W/"5d70e525-17a6a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.binetti.ru/wp-includes/js/jquery/ 10 KB
4 KB 91ms
47ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 03:11:28 GMT
Server: nginx
ETag: W/"573e8060-2748"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
57 KB 85ms
53ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ebc93b05d7223eb2cda01501fe766eedf8d01721ce4da725c28cc2f878d3364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 722624913599642461
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 58005
X-XSS-Protection: 0
Expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H/1.1 200
OK underscore.min.js Show response
www.binetti.ru/wp-includes/js/ 16 KB
6 KB 92ms
48ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2016 12:22:26 GMT
Server: nginx
ETag: W/"56c46602-401a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK scripts.min.js Show response
www.binetti.ru/wp-content/themes/hueman/assets/front/js/ 80 KB
24 KB 91ms
50ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.3.11
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: b2df5dad037f49d474f8e753c29ebfb95962caceb9a792125cf48a3dbdc2a680

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 May 2017 16:00:12 GMT
Server: nginx
ETag: W/"5921b98c-13f6b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-embed.min.js Show response
www.binetti.ru/wp-includes/js/ 1 KB
1 KB 91ms
42ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-includes/js/wp-embed.min.js?ver=4.9.21
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 10:35:42 GMT
Server: nginx
ETag: W/"607816fe-56f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.binetti.ru/wp-includes/js/ 12 KB
5 KB 45ms
45ms Script
application/javascript 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 10:35:42 GMT
Server: nginx
ETag: W/"607816fe-2ea7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

22 KB
7 KB

22ms
7ms

Script
application/x-javascript

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 08:25:14 GMT
server: openresty
etag: "62fa02ea-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Fri, 07 Oct 2022 12:02:45 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET watch_ua.js
d31j93rd8oukbv.cloudfront.net/metrika/ 0
0

GET
H/1.1 200
OK s-right-s2.png
www.binetti.ru/wp-content/themes/hueman/assets/front/img/sidebar/ 74 B
303 B 43ms
43ms Image
image/png 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/img/sidebar/s-right-s2.png
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.11
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: afc0cabd52e86caf0a51e8bd639b9df3a721fb57f439f7ddd3cd64502b67c578

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Sun, 21 May 2017 16:00:04 GMT
Server: nginx
ETag: "5921b984-4a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74

GET
H/1.1 200
OK s-left.png
www.binetti.ru/wp-content/themes/hueman/assets/front/img/sidebar/ 76 B
305 B 46ms
45ms Image
image/png 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/img/sidebar/s-left.png
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.11
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.3.11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Sun, 21 May 2017 16:00:04 GMT
Server: nginx
ETag: "5921b984-4c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
8 KB 41ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150e4d03ae35f998288f482393fd255f8a698ed1a83540cb58a03cbd36ad5f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 18:21:17 GMT
X-Content-Type-Options: nosniff
Age: 193288
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7428
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:20:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 04 Oct 2023 18:21:17 GMT

GET
H/1.1 200
OK 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 916 B
2 KB 40ms
19ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18Smxg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259feab5acef00ed8d670dca4bc902525f83d507e72bc606c5836096511b1f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 19:41:49 GMT
X-Content-Type-Options: nosniff
Age: 15656
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 916
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:02:27 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 06 Oct 2023 19:41:49 GMT

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
8 KB 41ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwkxduz8A.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee536fb46bd1af26b3cea7359f5c2f018eeb5fd6167ae3f5849ec45b29db70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 02:38:46 GMT
X-Content-Type-Options: nosniff
Age: 163439
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7324
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:54:48 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 05 Oct 2023 02:38:46 GMT

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 41ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 17:33:15 GMT
X-Content-Type-Options: nosniff
Age: 23370
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12956
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:54:52 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 06 Oct 2023 17:33:15 GMT

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
8 KB 41ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 08:53:57 GMT
X-Content-Type-Options: nosniff
Age: 227328
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7448
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:14:12 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 04 Oct 2023 08:53:57 GMT

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 39ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 06 Oct 2022 17:32:02 GMT
X-Content-Type-Options: nosniff
Age: 23443
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 13052
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:09:03 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 06 Oct 2023 17:32:02 GMT

GET
H/1.1 200
OK 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
13 KB 60ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkids18Q.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd99d2c3e8e201d74478aae63335ae605ee193fc052cd650a34c79108a7785d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 19:07:47 GMT
X-Content-Type-Options: nosniff
Age: 190498
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12556
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:04:27 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 04 Oct 2023 19:07:47 GMT

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 59ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 04 Oct 2022 13:57:49 GMT
X-Content-Type-Options: nosniff
Age: 209096
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 13036
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 04 Oct 2023 13:57:49 GMT

POST
H/1.1 200
OK / Show response
www.binetti.ru/ 43 B
283 B 251ms
250ms XHR
application/json 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

http://www.binetti.ru/?huajax=1

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

HTTP/1.1

Server

37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

server69.hosting.reg.ru

Software

nginx / PHP/5.6.36

Resource Hash

58f4932348faf4f4d5f587bd0de4461719d0b58a4383b8fce25dfa3980ec5742

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: http://www.binetti.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.binetti.ru/wp-content/themes/hueman/assets/front/fonts/ 75 KB
76 KB 65ms
65ms Font
application/octet-stream 37.140.192.226
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.11
Protocol: HTTP/1.1
Server: 37.140.192.226 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server69.hosting.reg.ru
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://www.binetti.ru/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.3.11
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Sun, 21 May 2017 16:00:10 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
ETag: "12d68-5500ad959f680"
Content-Length: 77160

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
12 KB 39ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300italic,300,400italic,600&subset=latin,latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://www.binetti.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sat, 01 Oct 2022 04:19:31 GMT
X-Content-Type-Options: nosniff
Age: 502994
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11792
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:04:43 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 01 Oct 2023 04:19:31 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 0295
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
5 KB

8ms
7ms

Document
text/html

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: 582e783e9ddada56179de8f5bd5d81f9f5aa7be88511a00e9be0dcab40bee732

Request headers

Referer: http://www.binetti.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 07 Oct 2022 00:02:45 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Fri, 07 Oct 2022 00:02:45 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0...
https://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D...

43 B
340 B

7ms
7ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Marco%20Binetti%20-%20%D0%A2%D0%B5%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D1%81%D0%BE%D1%84%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F&oE=1&oP=1&dT=2022-10-07T00%3A02%3A45.084&fu=ad882dd4-9090-4b78-ac1e-98343563509e
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 07 Oct 2022 00:02:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=85033770&u=http%3A%2F%2Fwww.binetti.ru%2F&r=&rs=1600x1200&t=%D0%AD%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%B1%D0%B8%D0%B1%D0%BB%D0%B8%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Marco%20Binetti%20-%20%D0%A2%D0%B5%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D1%81%D0%BE%D1%84%D0%B8%D1%8F%2C%20%D1%84%D0%B8%D0%BB%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D1%8F&oE=1&oP=1&dT=2022-10-07T00%3A02%3A45.084&fu=ad882dd4-9090-4b78-ac1e-98343563509e
Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

match
ads.betweendigital.com/ Frame 0295
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159&crf=1

68 B
607 B

20ms
20ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=1CB35A9DA56C3F63FD002206027E0159&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0295
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=86B803C1A56C3F638E00CE820288FA64

43 B
269 B

72ms
7ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=86B803C1A56C3F638E00CE820288FA64
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=86B803C1A56C3F638E00CE820288FA64
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 0295
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=1CB35A9DA56C3F63FD002206027E0159
https://px.adhigh.net/p/cm/sape?u=1CB35A9DA56C3F63FD002206027E0159&bounced=1
https://acint.net/match?dp=17&euid=ux96fXSFqOeb.AikABlGDr8Bm6A

43 B
269 B

6ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=ux96fXSFqOeb.AikABlGDr8Bm6A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=ux96fXSFqOeb.AikABlGDr8Bm6A
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 0295 43 B
764 B 267ms
56ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 07 Oct 2022 06:02:45 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0295
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6154784242
https://www.acint.net/rmatch?dp=45&euid=AXnBZ1G2g2bVHLXqDPrs26Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DA56C3F63FD002206027E0159

42 B
201 B

149ms
54ms

Image
image/gif

195.209.111.7
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.7 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS: ssp2.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 07 Oct 2022 00:02:45 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1CB35A9DA56C3F63FD002206027E0159
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 0295 0
785 B 58ms
20ms Image
text/plain 2606:4700:3032::6815:3b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtEgXy%2Bw0T6oipRIUODD7Tok21ZF73l%2FStgqVl41utnVa979ZgFmv9bed7JI6LPQRAsvCXdG1KzBzVdgr4RLJueakH0ya8zlrx2o6PX6lAksFS0cKz4NIaDWil5KmX8vppG1h2BaopRZmCE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 75625ea8596c692b-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame 0295 0
68 B 116ms
4ms Image
text/plain 23.88.82.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.82.46 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.82.88.23.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 0295 0
239 B 61ms
14ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=1CB35A9DA56C3F63FD002206027E0159

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 509
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 0295 3 KB
3 KB 154ms
44ms Script
application/javascript 185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Thu, 06 Oct 2022 23:34:29 GMT
Server: nginx
ETag: "633f6605-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 0295 0
69 B 67ms
7ms Image
text/plain 138.201.65.74
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.74.65.201.138.clients.your-server.de
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx/1.17.4

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=fa51c5ff-2b21-4eb9-b145-c6d649f2a279

43 B
269 B

7ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=fa51c5ff-2b21-4eb9-b145-c6d649f2a279
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=fa51c5ff-2b21-4eb9-b145-c6d649f2a279
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0295 170 B
502 B 118ms
44ms Image
image/png 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=HLNanaVsP2P9ACIGAn4BWQ

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 0295
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159
https://adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159

43 B
115 B

77ms
14ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
iseu: eu
server: nginx/1.16.0
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=1CB35A9DA56C3F63FD002206027E0159
date: Thu, 06 Oct 2022 23:50:04 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0295 42 B
201 B 273ms
54ms Image
image/gif 195.209.111.7
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.7 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS: ssp2.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=XVJUUGEF

43 B
269 B

7ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=XVJUUGEF
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=XVJUUGEF
Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 0295
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159&cs=1

35 B
376 B

7ms
6ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 07 Oct 2022 00:02:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1CB35A9DA56C3F63FD002206027E0159&cs=1
date: Fri, 07 Oct 2022 00:02:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=qbm-57bYUeux

43 B
269 B

7ms
7ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=qbm-57bYUeux
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=qbm-57bYUeux
Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 0295
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=df73a830-aa57-5218-9fb0-475ffc8f2bfa

43 B
269 B

34ms
8ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=df73a830-aa57-5218-9fb0-475ffc8f2bfa
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=df73a830-aa57-5218-9fb0-475ffc8f2bfa
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0295
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=665422be12f24d1b9158bcf0d0b06fdf

43 B
269 B

7ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=665422be12f24d1b9158bcf0d0b06fdf
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=665422be12f24d1b9158bcf0d0b06fdf
date: Fri, 07 Oct 2022 00:02:45 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru/p?ssp=sp&id=1CB35A9DA56C3F63FD002206027E0159
https://www.acint.net/match?dp=111&euid=bbaf28ef-9cb0-4aea-ba2c-5ac9b369b338

43 B
269 B

7ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=bbaf28ef-9cb0-4aea-ba2c-5ac9b369b338
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 07 Oct 2022 00:02:45 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
location: https://www.acint.net/match?dp=111&euid=bbaf28ef-9cb0-4aea-ba2c-5ac9b369b338
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.30
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 0295
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=1CB35A9DA56C3F63FD002206027E0159
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2163173532
https://ut.rktch.com/matchspm?pi=1000006&pui=sH3Wom2KWLhvguL/1wWXfu&noredirect

84 B
84 B

39ms
39ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=sH3Wom2KWLhvguL/1wWXfu&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 84

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
via: 1.1 google
last-modified: Fri, 07 Oct 2022 00:02:45 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://ut.rktch.com/matchspm?pi=1000006&pui=sH3Wom2KWLhvguL/1wWXfu&noredirect
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

kVfdDzoBSmusbU7h5iv3Gw
an.yandex.ru/setud/mts_banner/ Frame 0295
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=1CB35A9DA56C3F63FD002206027E0159
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1CB35A9DA56C3F63FD002206027E0159
https://tech.rtb.mts.ru/?dsp_uid=9157dd0f-3a01-4a6b-ac6d-4ee1e62bf71b&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FkVfdDzoBSmusbU7h5iv3Gw%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300
https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300

43 B
103 B

68ms
68ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 00:02:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 07 Oct 2022 00:02:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 00:02:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=064c584a-0d72-4818-7922-cb2d57b447a9

43 B
269 B

6ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=064c584a-0d72-4818-7922-cb2d57b447a9
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=064c584a-0d72-4818-7922-cb2d57b447a9
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=1CB35A9DA56C3F63FD002206027E0159
https://www.acint.net/match?dp=127&euid=gLJfWyFlZeed8tro7gIs

43 B
269 B

7ms
7ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=gLJfWyFlZeed8tro7gIs
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=gLJfWyFlZeed8tro7gIs
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=hf3dfhlmds

43 B
269 B

6ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=hf3dfhlmds
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx/1.23.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=hf3dfhlmds
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: f8f227d5-c406-4576-87a7-e1436e72a1f4
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 0295 0
215 B 141ms
42ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 07 Oct 2022 00:02:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 1CB35A9DA56C3F63FD002206027E0159
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 0295 0
189 B 228ms
54ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

server: nginx
date: Fri, 07 Oct 2022 00:02:45 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 0295
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DA56C3F63FD002206027E0159
https://x01.aidata.io/0.gif?pid=9401454&id=1CB35A9DA56C3F63FD002206027E0159&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
434 B

44ms
44ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Fri, 07 Oct 2022 00:02:44 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 07 Oct 2022 00:02:44 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Fri, 07 Oct 2022 00:02:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

match
ads.betweendigital.com/ Frame 0295
Redirect Chain

https://dmp.gotechnology.io/match/sape?id=1CB35A9DA56C3F63FD002206027E0159
https://dmp.gotechnology.io/match/sape?id=1CB35A9DA56C3F63FD002206027E0159&chk=1
https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NWI5OWYzYmI5Zjg2YTEyNA

68 B
607 B

22ms
22ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NWI5OWYzYmI5Zjg2YTEyNA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

date: Fri, 07 Oct 2022 00:02:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://ads.betweendigital.com/match?bidder_id=98&external_user_id=NWI5OWYzYmI5Zjg2YTEyNA
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 0295
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=1CB35A9DA56C3F63FD002206027E0159
https://sync.bumlam.com/?src=sap1&s_data=CAIQARil2f2ZBmIgMUNCMzVBOURBNTZDM0Y2M0ZEMDAyMjA2MDI3RTAxNTmiARBfO4DwRdMR7YbgACWQwGR8

0
523 B

8ms
8ms

Image
text/html

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARil2f2ZBmIgMUNCMzVBOURBNTZDM0Y2M0ZEMDAyMjA2MDI3RTAxNTmiARBfO4DwRdMR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Fri, 07 Oct 2022 00:02:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
ETag: 5f3b80f0-45d3-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARil2f2ZBmIgMUNCMzVBOURBNTZDM0Y2M0ZEMDAyMjA2MDI3RTAxNTmiARBfO4DwRdMR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

1CB35A9DA56C3F63FD002206027E0159
an.yandex.ru/mapuid/sapeis/ Frame 0295
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159
https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159?redir-setuniq=1

43 B
108 B

61ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 00:02:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 07 Oct 2022 00:02:45 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 00:02:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/1CB35A9DA56C3F63FD002206027E0159?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame 0295 44 B
351 B 49ms
8ms Image
image/gif 148.251.217.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.217.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.217.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2 200 match.gif
mediatoday.ru/core/ Frame 0295 43 B
367 B 172ms
41ms Image
image/gif 139.45.228.100
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=32&id=1CB35A9DA56C3F63FD002206027E0159
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.100 , Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS: serv20.mt.viaprog.eu
Software: nginx/1.20.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:45 GMT
server: nginx/1.20.2
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 43
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 0295
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=1CB35A9DA56C3F63FD002206027E0159
https://www.acint.net/match?dp=186&euid=f556864d-c2eb-4a10-aed0-704ee03bdb2f

43 B
269 B

7ms
6ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=f556864d-c2eb-4a10-aed0-704ee03bdb2f
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=f556864d-c2eb-4a10-aed0-704ee03bdb2f
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 0295 0
109 B 68ms
14ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Server: nginx
Connection: close
Content-Length: 0

GET frame.html
s3.advarkads.com/modules/match/ Frame B396 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 127ms
66ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7347418398743349&plah=www.binetti.ru&bust=31070101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cac39331fda1036b58d952e0ea6cc7acb5e9509b52b8f5a870cf0285e05609b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117220
x-xss-protection: 0
server: cafe
etag: 9061333971316160208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame 8FF8 10 KB
5 KB 104ms
30ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.binetti.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 05:16:15 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 05:16:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 0295 16 KB
16 KB 88ms
88ms Script
application/javascript 185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=462747538387930
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:45 GMT
Last-Modified: Thu, 06 Oct 2022 23:34:30 GMT
Server: nginx
ETag: "633f6606-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
645 B 73ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.binetti.ru&callback=_gfp_s_&client=ca-pub-7347418398743349

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7347418398743349&plah=www.binetti.ru&bust=31070101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7692160116f65b0ed4892fa6275bdffdcb2d8787a1ba942ee70ce0704905af2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 150ms
43ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.binetti.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 117ms
42ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.binetti.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5AE 92 KB
33 KB 440ms
439ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&h=600&slotname=5573466918&adk=3456431468&adf=1572408509&pi=t.ma~as.5573466918&w=300&fwrn=4&fwrnh=100&lmt=1665100965&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.binetti.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1665100965146&bpp=4&bdt=308&idt=194&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=2839911320933&frm=20&pv=2&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=90&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HZqNpx4HQt&p=http%3A//www.binetti.ru&dtd=210

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95ba6389ceefe5fb329bf16f00d8299e411f4efea4927c4dc853fd8e0d44c838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.binetti.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33783
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 00:02:45 GMT
expires: Fri, 07 Oct 2022 00:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AB8 94 KB
35 KB 574ms
573ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&adk=1812271804&adf=3025194257&lmt=1665100965&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.binetti.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1665100965160&bpp=2&bdt=321&idt=202&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=2839911320933&frm=20&pv=1&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=205

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2971044f5d144bf8d7c3bdee9250ab7d54f78b3f07baced9018c5ae779a72e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.binetti.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36001
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 00:02:45 GMT
expires: Fri, 07 Oct 2022 00:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 0295
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=752446228291494.460771563857251&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=752446228291494.460771563857251&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56...
https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

43 B
873 B

193ms
46ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 07 Oct 2022 00:02:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 0295
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=752446228291494.318464607184151&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56C3F63FD002206027E0159.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=752446228291494.318464607184151&a=77&e=1CB35A9DA56C3F63FD002206027E0159&pref=http%3A%2F%2Fwww.binetti.ru%2F&c=ss:77.up:1CB35A9DA56...
https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

43 B
876 B

195ms
45ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 07 Oct 2022 00:02:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=fSt0kFfJCti2oDV7r3Nq
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C5AE 2 KB
983 B 98ms
26ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&h=600&slotname=5573466918&adk=3456431468&adf=1572408509&pi=t.ma~as.5573466918&w=300&fwrn=4&fwrnh=100&lmt=1665100965&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.binetti.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1665100965146&bpp=4&bdt=308&idt=194&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=2839911320933&frm=20&pv=2&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=90&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HZqNpx4HQt&p=http%3A//www.binetti.ru&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 22:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 22:53:21 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5AE 0
0 62ms
62ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CleUlpWw_Y5uDGKTW7_UPl8mvCPqcp-5p7fazpLIQp9z80PMFEAEgkvHbK2CV2oiCmAegAa-Zn8ooyAEBqQKNwqo363ewPqgDAcgDywSqBNYBT9DdpRqEKG_IK6124ZNpBbSz_NfbJELFEWwXYr1XzHvlS9Pv9wlo5opy_jRpq3uD2Q2IiuKUhF_Es3CP7CJi9SyGXpLHsA0KdYbvIu6n18hylo9A2DAtzQIJFGZPH3CmygfenGuoqJ7ha_s8D35vPdFPzYCoxh1f2t5aM89GqcHVya9zdOmXwPbUZHW-t8QI-oivmM7XiVYV-ZcPbdM89N-1pZ4fxvvADFU_vb0h0PsJsrtAIyAphSefkYik16oU9OeT1gKbBTQTWaXUQXUAsnRihJP1lcAE76CGxYUEkgUECAQYAZIFBAgFGASgBgKAB6_R76kDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3LIQ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNzM0NzQxODM5ODc0MzM0ORgA&sigh=Bw8xPftEyLU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7347418398743349&output=html&h=600&slotname=5573466918&adk=3456431468&adf=1572408509&pi=t.ma~as.5573466918&w=300&fwrn=4&fwrnh=100&lmt=1665100965&rafmt=1&format=300x600&url=http%3A%2F%2Fwww.binetti.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1665100965146&bpp=4&bdt=308&idt=194&shv=r20221003&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&correlator=2839911320933&frm=20&pv=2&ga_vid=687965031.1665100965&ga_sid=1665100965&ga_hid=1428362672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=90&ady=998&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101&oid=2&pvsid=2078307069603409&tmod=897092818&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HZqNpx4HQt&p=http%3A//www.binetti.ru&dtd=210
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 00:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H2 200 697424874345899350
tpc.googlesyndication.com/daca_images/simgad/ Frame C5AE 28 KB
29 KB 219ms
153ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/697424874345899350?w=360&h=720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

868800b1de89b90c7551834cbd3e4a2a752088121e1b61ba07bce73775ea432a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29148
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 02:20:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Oct 2022 00:02:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame C5AE 23 KB
10 KB 79ms
21ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:31:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C5AE 3 KB
1 KB 84ms
27ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:48:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C5AE 17 KB
7 KB 81ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:58:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5AE 142 KB
44 KB 117ms
103ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 00:02:45 GMT

GET
H2 200 270cb447f650f22be90b4349b85576c2.js Show response
www.gstatic.com/mysidia/ Frame C5AE 32 KB
14 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13677
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 00:52:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 29 Dec 2022 19:44:59 GMT

GET
DATA 200
OK truncated
/ Frame C5AE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 950078db143193dc85047251bef4dcc7ff085563fe8cf98e14d4b58fb90cce0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 151 KB
54 KB 95ms
54ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/reactive_library_fy2021.js?bust=31070101

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9e047367fc0c2bbd592e5dc978bdeac2929c6c2591b5c6fd39e90de7b4f3a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55042
x-xss-protection: 0
server: cafe
etag: 4866812984605845871
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 00:02:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 93ms
53ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-7347418398743349&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
53ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-7347418398743349&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20221004_090333&sat=1665054445375&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.265&alldns=0.265&allp=28&fd=(0%2C24%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2268&abl=false&rr=n&su=www.binetti.ru&pvc=2078307069603409&r=0.1&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E11 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 17:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:31:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-7347418398743349&eid=44759876%2C44759927%2C44759842%2C44774717%2C42531705%2C44773613%2C31070101

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 84ms
43ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.binetti.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
41ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.binetti.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame 924F 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.binetti.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 05:24:09 GMT
etag: 9671129459699598864
expires: Thu, 20 Oct 2022 05:24:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 924F 0
0 150ms
64ms Fetch
image/gif 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6djRKWo6Tbbhfhf8Or6xfwXUr5YHTduhdOTDy5N5tme1qFFdFtdy-MiGiPXxPARmiQwirYlfg-25_HRSb3ojBjLr9mUBTPm3wXbEg9yUgiLdEfTcPk2cTP_X931V6SsEM4c7wp7rER9bFN98aZ4xdsY2TpRrVFuSty2k-GmEUcQBMQExCIyF-VUDu0-p29RsPlfHY6AvILK4_pbmEJzWp1jzGRDfK7BRixrSeAPZipwKW0Q9KhWIaY1VDTD-sshlfVtRlqlAgqKMsPS0su2vRfuZ0qeo-QsBvk83AcAq1DkiT4oaWo1jKZ4XJaQWwsIHqhnWnx15DebGLp1hOI2PozZaxH43IEeuBZWWJLU0Gqn-bBLiSuP4F5WqUzFg5e74K5Qt-ozAy-H06mcLoFr7ZY-Ado1W0tgDodl0irfRrsjDhZm2d0isHKSd4QJOy5TMs3ATOQIeUNHSrxWiqLKmM_asDIcnvpyAnls-rJToVexIhOWhYob5r9XC5WV2TxEFe9-EsO5sAqhl59gA3XX4dRbpEzk24tOxKOTxMwVN9OD97Ap8xo0b5igSOblLKzkO2a68W30vyl88h36H8ioPwNtjLkRyeG17uwzSs3C7G5l_FpddAwp89lcpqZX1k4ktyIEXzwPB_Hd4I8cnA8Xy9fGO6D9aa0uYR9Yp0XHyhr-orvqDZemlbuKoSe34NzSioqjOdnM3iD0lmbGoqa2uaQnxlCvOwCsWZXXKddRTHRAa3LLUAymNII1vFKqGi8mbkMrVtqbj5KpjZdGO1HYE3OVt9Td7yn7fmNHcbTxscMPyJ0jOvVoNtUNvaLRz055oB2QeO1DK9dATyNkodc7KCec4TwsFz-bcd-a3E8pOhAgEhmnkZEBHF0Y926tsTUI8GOaOz_ew0_AgcxYf_nSguD_Og9A4zvLnoShMm9__Bb_ZehgjBiH3BlYK6A8NJ4cniHuxB8dQwN_FNFKETxUrK8jLc27YoQHgm9cDkRb-w9EAGxg&sai=AMfl-YTJhfAUQP6pnbyOe6IMZEhcwU7402QFwHpWj3tRQGzMsipMq89lKvjTt4I3wunqQJCtNI138uwl2JOHHf3xxN7p7K8eag8j1oOYvuZwo3Pg_YNH&sig=Cg0ArKJSzLgKALKw4afrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 924F 106 KB
38 KB 117ms
20ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Oct 2022 07:30:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 924F 41 KB
15 KB 77ms
34ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.binetti.ru
URL: http://www.binetti.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 17:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 17:31:28 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 924F 35 KB
14 KB 70ms
27ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 22:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
server: cafe
etag: 6957495301636067003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 22:54:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 924F 3 KB
1 KB 61ms
19ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:48:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:48:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 924F 17 KB
7 KB 61ms
20ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:58:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 924F 142 KB
44 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 00:02:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame 924F 23 KB
9 KB 64ms
23ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Oct 2022 23:31:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 50BB 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 281018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 17:59:08 GMT
expires: Tue, 03 Oct 2023 17:59:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 924F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a741389cec9a55e2cfe4f5ba4f306ff7230687c096a401fad0b978c1e85b7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame 50BB 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 17:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 17:31:28 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 924F 8 KB
4 KB 171ms
16ms Script
application/javascript 2a02:26f0:f700:2ae::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=25152005&sid=443002&plc=341442084&num=&adid=&advid=8650961&adsrv=1&btreg=533301858&btadsrv=doubleclick&crt=161389764&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:2ae::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 15:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0fc3bc740ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/ Frame 5F66 5 KB
2 KB 60ms
20ms Document
text/html 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b514cb89ff3b01b52524153ff2de2033ec3d0624e237d0eab7d114fb6bde11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1677
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 23:42:21 GMT
expires: Fri, 06 Oct 2023 23:42:21 GMT
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/ Frame 5F66 6 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5ca0bf742f07d04a8d0d989c0d3f094bc395db2632a0239cd94a1b41dd64ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1867
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 23:42:21 GMT

GET
H3 200 brand.css
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/ Frame 5F66 2 B
50 B 22ms
21ms Stylesheet
text/css 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/brand.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 23:48:26 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5F66 60 KB
24 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Oct 2022 00:02:46 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5F66 2 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Oct 2022 00:02:46 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 5F66 4 KB
2 KB 24ms
23ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 23:48:26 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 5F66 4 KB
2 KB 24ms
23ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 23:48:26 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/ Frame 5F66 7 KB
2 KB 23ms
22ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3bfeb759bc33e947ceffcc57d70d164017bcb0426647bc7115caeecd9ac74b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2185
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 23:48:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50BB 0
20 B 55ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRACMpWw_Y43sGdmW9u8Px7KjiAMAAAAAOAHgBAI&bg=!EhGlEVXNAAYQgTJdMIE7ACkAdvg8WsIJio18sq1m4R8S7YDMFj8dBYE7CKtplaB5_YjM4Dfs4ol3JgIAAABLUgAAAAJoAQeZAur9rAAWo4rsqkP-UnGEmBB941retkm_0h4KYEs_Z7s6Tv4R3tJMcrbXppSkLpwxhWzZvYAfmN8NioLqu3c79HMIV9MUO6hDcO69kiScbnyroIkzOx7OS04raM9MZHpt9ykwjebe7hWqa3EP9eDV1X46RMsn-zWhnQ71zdeJJxwTBjSPcz0LEp7OTdG92dqCyfLw4RB3edgLqgs9wk5RU4W52S1N80OqrDyvZCVGavmLuQOgtm_r_k0l74iejwxEyqppuWPDnYiVBGPjdmcVjpZs5ZnbVMMP3u1_l5mrg9B-KgXO9XlNpxVDS68v9qGUUksyVLdeDQVk7L7g9MPjN99ntd3APY25IyOMSfmcj57t0vCfSVbWDEu7YDTVDy2mX8zCkSgHW4kh5Urq7trFtuGUSYlrECeMljDNUGFDw2cMAqT9TFiKlPDQAqt6Vgqf9MYW3cyGJsvb7-7kfM5UyWMnDDBy8eHbq4j6jfYjvd2s7rww34K3RrYZ93_00Vp2pXz42uZCMAiu8LZfSWarNjb4bnbu8hljz-vxYU1IxF4CGCivkfX2twfOttG8m7KKj_ygbB-vgSlTG-fSGXnxOClPKtNsfRrHaKuV15yP_-BmwhirGhfXLVbl4xz4g8BRAwKvYXJzjlxje-R9VypIHqlrnzW_PKmxuVi4KAm6JOE5hVqgwdD-BprSnokhkjJs74LqqlTe3sYm2D4NLnoVpstfNqhg18ZahiSUIphf9vI46ym8KICeo2u-bH2qh0ZeTsZiTRLbtNBZkprRKtBkSsdw2QPloqaH0QemAZAXZFlKDnz-jol3n_hsyJ6pmqpypIBCFAWuUB7x5EYorWJqui1AZ0Y1euctn_kYaN3pfSAZXtMaiMj1wgqUj96OP9-aHxmfGN9GCa0AQC5ukkUQ1CxFBgqpzcOG8sFd1kDXKSlS581zFgeBm0t2mKV8IHTZfQ8WQYJYdJj42uCd1nmaOxgDM9xGHzTK05rFPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/config/ Frame 5F66 594 B
411 B 52ms
52ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/config/config.js?r=0.6126343518777375

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64a782fe60790bf7d4635909cd7a771ab5d6747b36222d415f1d38ba7b091211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 383
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 00:02:46 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 5F66 190 B
216 B 103ms
102ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 00:02:46 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/ Frame 5F66 24 KB
24 KB 20ms
19ms Font
font/woff2 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 23:48:28 GMT
x-content-type-options: nosniff
age: 173658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 23:48:28 GMT

GET
H/1.1 200
OK dv-measurements3094.js Show response
cdn.doubleverify.com/ Frame C95E 545 KB
105 KB 19ms
19ms Script
application/javascript 2a02:26f0:f700:2ae::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3094.js
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:2ae::4469 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 00:02:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2022 19:04:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0cf338991cbd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106974

GET
H3 200 yellowChildRun.jpg
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 5F66 20 KB
20 KB 63ms
62ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/yellowChildRun.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4894fb425afcd49fb62d006fb1b78f897ebe54fd7c68f44edb5d3ad7ed6965e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 00:02:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20798
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Oct 2023 00:02:46 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 5F66 74 KB
74 KB 23ms
22ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 05:51:35 GMT
x-content-type-options: nosniff
age: 151871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 05:51:35 GMT

GET
H3 200 introLogo.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 5F66 85 B
112 B 22ms
21ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/introLogo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:31:06 GMT
x-content-type-options: nosniff
age: 163900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 02:31:06 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/ Frame 5F66 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae20544a2912eeb20cb1749fa9c97c4e3586ef0dc9579b729f656e85d86e23ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 02:31:06 GMT
x-content-type-options: nosniff
age: 163900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2887
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 02:31:06 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/ Frame 5F66 26 KB
26 KB 23ms
23ms Font
font/woff2 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3600388302532176392/Standard_728x90-Marriott-Bonvoy-2021/styles/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 04:38:01 GMT
x-content-type-options: nosniff
age: 156285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Sat, 19 Feb 2022 02:00:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 04:38:01 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C95E 1008 B
875 B 356ms
15ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=70&ttfrms=23&brid=3&brver=106.0.5249.91&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauHHH%5D3%3A%3F6EE%3A%5DCFTauU2%3F4r92%3A%3Fl9EEATbpTauTauHHH%5D3%3A%3F6EE%3A%5DCFTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=189&ddur=172&uid=1665100966605590&jsCallback=dvCallback_1665100966605244&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.91%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=124&winw=1005&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221003%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-7347418398743349%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3D6tM29wdYsB%26p%3Dhttp%253A%2F%2Fwww.binetti.ru&fcifrms=5&brh=2&sdf=2&dvp_epl=170&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=25152005&sid=443002&plc=341442084&crt=161389764&btreg=533301858&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=19528357164.32012&dvp_tukv=52437353.69517114&dvp_uuid=467365246792.09753&dvp_strhd=0.2999999523162842&dvpx_strhd=0.2999999523162842&dvp_tuid=1534210105751
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 670decd5bd10da28dbebc813ae18f36fb23d0b25a68c5ce8045ad0939537e1ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 00:02:46 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 10/06/2022 00:02:46

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 924F 42 B
64 B 94ms
53ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLaQV5Qw4sjz-bRszQIjebGGM3t-4YYFWbGYgEin3Qr2_-kqhpjFWwEuRUfbLLAv_-4nHQWNs-9SCMyFoF4M9FQBh7GQVsyH1RKfJMRTPM4-T-VXQWiwUOrWxFa6Yu1-rxiAtZJuyjk21RCm4tjVFAqAYC6BvNLQruk7QqQTQbBlejAeAhXcRoEtiFpFuO_g&sai=AMfl-YRv8gkylU7mu80iOzFqSghsV7NJDGjN3cqf50ppZD0-F7EF27touqY3WoVbnn5XmmZDFqeO3z7VakQk9oI&sig=Cg0ArKJSzObmgeHS3mO-EAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1665100966152&rpt=824&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 00:02:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087
https://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087

43 B
224 B

7ms
7ms

Image
image/gif

157.90.179.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087
Requested by: Host: www.binetti.ru
URL: http://www.binetti.ru/
Protocol: H2
Server: 157.90.179.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1487986.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.binetti.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 07 Oct 2022 00:02:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=5ab498e8-72f9-4b71-a98c-3b1b0942cdaa&dp=10&tz=%2B00%3A00&nc=17871089&dT=2022-10-07T00%3A02%3A48.087
Date: Fri, 07 Oct 2022 00:02:48 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame C95E 0
229 B 28ms
10ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=f84afa7bbdf64066bec2e8af0a69659e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=357&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=172&tetms=8&msltms=51&vltms=357&sei=290&vetms=5&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=31&isumms=30&nvr=6&elmtp=1&isbxdms=2430&b0=100&b7=100&b8=100&b9=200&b10=2001&adhgt=125&adwdth=1005&norwdth=1000&norhgt=125&vsos=6&dvp_vsosnmr=16&lftb=2501&sftb=2501&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=124&cwdth=1005&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1030&isuiabvms=1030&iscvmvms=1030&engalms=29&engscrlms=130&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ttfurm=3385&cbust=1665100969968590
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 07 Oct 2022 00:02:49 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 10/06/2022 00:02:49

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31j93rd8oukbv.cloudfront.net
URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=1CB35A9DA56C3F63FD002206027E0159

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

77 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mediatoday.ru/core	1970-01-20 16:07:40	Name: idntfy Value: VUWwS108y3nv7o1
www.binetti.ru/	1970-01-20 16:07:40	Name: fid Value: ad882dd4-9090-4b78-ac1e-98343563509e
.acint.net/	1970-01-20 06:31:41	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 16:07:40	Name: aid Value: nVqzHGM/bKUGIgD9WQF+Ag48hofu6E5kmYBomm+JBDJoKwYt
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp7v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp14v3 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp17 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp32 Value: 1665100965
.acint.net/	1970-01-20 06:33:07	Name: cSyncDp45v3 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp53 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp54v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp62 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp67v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp68 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp71 Value: 1665100965
.acint.net/	1970-01-20 06:51:50	Name: cSyncDp77 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp84 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp85 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp95v3 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp101 Value: 1665100965
.acint.net/	1970-01-20 06:51:50	Name: cSyncDp104v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp107 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp110 Value: 1665100965
.acint.net/	1970-01-20 06:51:50	Name: cSyncDp111v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp112v2 Value: 1665100965
.acint.net/	1970-01-20 06:53:16	Name: cSyncDp125v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp126 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp127 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp129 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp136v2 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp138 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp144 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp146 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp148 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp149 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp151 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp178 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp179 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp186 Value: 1665100965
.acint.net/	1970-01-20 07:14:52	Name: cSyncDp221 Value: 1665100965
.utraff.com/	1970-01-20 07:15:03	Name: preutid Value: 1
.upravel.com/	1970-01-20 06:31:41	Name: session_tptc Value: 1665100965258
.upravel.com/	1970-01-20 16:07:40	Name: user_id Value: fa51c5ff-2b21-4eb9-b145-c6d649f2a279
.betweendigital.com/	1970-01-20 15:17:16	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:17:16	Name: tuuid Value: df73a830-aa57-5218-9fb0-475ffc8f2bfa
.betweendigital.com/	1970-01-20 15:17:16	Name: ss Value: 1
.ssp-rtb.sape.ru/	1970-01-20 16:07:40	Name: sspuid Value: wQO4hmM/bKWCzgCOZPqIAoPeO3MrotfzsSGxLZGuWEHm7oGb
.1dmp.io/	1970-01-20 15:17:16	Name: uid Value: 5f126352-45d3-11ed-8677-901b0e934d81
.binetti.ru/	1970-01-20 15:53:16	Name: __gads Value: ID=b7b1f8b415cb7cee-229448d13dce0048:T=1665100965:RT=1665100965:S=ALNI_MZTPCQ62CAtDWSPCdH8lbrwq7PzxQ
.adriver.ru/	1970-01-20 16:07:40	Name: cid Value: AXnBZ1G2g2bVHLXqDPrs26Q
ads.adlook.me/	1970-01-20 15:17:06	Name: adlm_userId Value: 665422be12f24d1b9158bcf0d0b06fdf
.mts.ru/	1970-01-20 15:04:19	Name: dspid Value: 9157dd0f-3a01-4a6b-ac6d-4ee1e62bf71b
.rutarget.ru/	1970-01-20 10:50:52	Name: userId Value: qbm-57bYUeux
.rktch.com/	1970-01-20 07:14:52	Name: b_uid Value: 9f60b845e182f2436b3c4873b2051ffef580
.uuidksinc.net/	1970-01-20 15:17:16	Name: jcsuuid Value: gLJfWyFlZeed8tro7gIs
.weborama.fr/	1970-01-20 15:57:36	Name: AFFICHE_W Value: PmorOWBe9-Y@25
.ops.beeline.ru/	1970-01-20 15:04:19	Name: BeeAID Value: bbaf28ef-9cb0-4aea-ba2c-5ac9b369b338
.adhigh.net/	1970-01-20 15:17:16	Name: gi_u Value: ux96fXSFqOeb.AikABlGDr8Bm6A
.bumlam.com/	1970-01-20 16:07:40	Name: suuid3 Value: IiQ1ZjNiODBmMC00NWQzLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
ssp.bidvol.com/	1970-01-20 16:07:40	Name: bvuid Value: hf3dfhlmds
.adhigh.net/	1970-01-20 15:17:16	Name: sape_sync Value: jAP
dmp.gotechnology.io/	1969-12-31 23:59:59	Name: chk Value: 1
.gotechnology.io/	1970-01-20 15:17:16	Name: pid Value: NWI5OWYzYmI5Zjg2YTEyNA
.betweendigital.com/	1970-01-20 15:17:16	Name: ut Value: Yz9spQAK6PhD13yOtxudXE-HrW6tVK4t0Ds_Rw==
.aidata.io/	1970-01-20 16:07:40	Name: __upin Value: WiZ2+NdDXwSlm4Omyg+tWg
.aidata.io/	1970-01-20 16:07:40	Name: __upints Value: 1665100965
.gnezdo.ru/	1970-01-20 16:07:40	Name: uid Value: XV9maWM/bKU6I4Y17lQmAg==
x01.aidata.io/	1970-01-20 06:36:00	Name: livin Value: 1
.mts.ru/	1970-01-20 16:07:40	Name: mts_id Value: 046d91ac-f33c-4e77-9064-435cd01a3eab
.mts.ru/	1970-01-20 16:07:40	Name: mts_id_last_sync Value: 1665100965
.agency2.ru/	1970-01-20 15:04:19	Name: uuid Value: f556864d-c2eb-4a10-aed0-704ee03bdb2f
.doubleclick.net/	1970-01-20 15:53:16	Name: IDE Value: AHWqTUl-g007gcJIm830FOD9yy3jEDb0LLnbeg8yXRS_vyma4mTpYuofPT6htb_eDLs
.yandex.ru/	1970-01-20 16:07:40	Name: yuidss Value: 6523944071665100965
.yandex.ru/	1970-01-20 16:07:40	Name: yandexuid Value: 6523944071665100965
.doubleclick.net/	1970-01-20 06:31:41	Name: test_cookie Value: CheckForPermission
.dmg.digitaltarget.ru/	1970-01-20 16:07:40	Name: viuserid Value: fSt0kFfJCti2oDV7r3Nq
.mail.ru/	1970-01-20 15:18:43	Name: VID Value: 36p5Xe3LCRYC0024T024yB2C:::0-0-0-859c565:CAASEJeFtlsABGubbBba37KeB4AaYMrtXgS07Hk1uNxyr303dnBBm17t0HJwLHcEHhf_gwj2gVfqalNaHHuJi1YI3xZD3CJLGpp5Mig1XPQyzmreBdgVeG32vFQg31UazaduWs0qM2EJU-lUSSSaGQdHfGPyGw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://an.yandex.ru/setud/mts_banner/kVfdDzoBSmusbU7h5iv3Gw?redir-setuniq=1&location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=789008300 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1cb35a9da56c3f63fd002206027e0159-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
binetti.ru
cdn.doubleverify.com
cm.g.doubleclick.net
counter.yadro.ru
cs.agency2.ru
d31j93rd8oukbv.cloudfront.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
exchange.buzzoola.com
fa51c5ff-2b21-4eb9-b145-c6d649f2a279.sync.upravel.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
match.new-programmatic.com
mediatoday.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
s0.2mdn.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
ut.rktch.com
www.acint.net
www.binetti.ru
www.googletagservices.com
www.gstatic.com
x01.aidata.io
d31j93rd8oukbv.cloudfront.net
s3.advarkads.com
109.248.237.36
138.201.65.74
139.45.228.100
142.132.209.138
142.251.39.34
148.251.217.100
148.251.236.118
157.90.179.28
168.119.8.212
172.217.20.2
176.122.21.139
185.147.80.35
185.15.175.133
185.15.175.134
188.42.196.115
193.232.150.70
193.3.184.217
195.209.108.36
195.209.111.7
213.87.44.187
217.65.2.150
217.66.147.33
23.111.107.44
23.88.82.46
2606:4700:3032::6815:3b42
2a00:1148:db00::17
2a00:1450:4001:801::2003
2a00:1450:4001:811::2002
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2006
2a00:1450:400d:80d::2002
2a00:1450:400d:80e::2002
2a02:26f0:f700:2ae::4469
2a02:6b8::90
31.172.81.159
31.220.27.135
34.149.12.213
35.190.24.218
37.140.192.226
37.18.103.21
37.9.245.57
65.108.236.88
77.245.57.72
78.46.100.125
87.242.93.112
88.212.202.52
89.108.120.76
89.108.97.2
93.95.102.105
95.163.52.67
95.211.66.35
03a600a6c0810f7fdcd49ec30e999d0be7677c058fe0eb7c8700cc27eb5f92af
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
150e4d03ae35f998288f482393fd255f8a698ed1a83540cb58a03cbd36ad5f44
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
259feab5acef00ed8d670dca4bc902525f83d507e72bc606c5836096511b1f72
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2971044f5d144bf8d7c3bdee9250ab7d54f78b3f07baced9018c5ae779a72e89
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2ebc93b05d7223eb2cda01501fe766eedf8d01721ce4da725c28cc2f878d3364
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
582e783e9ddada56179de8f5bd5d81f9f5aa7be88511a00e9be0dcab40bee732
58f4932348faf4f4d5f587bd0de4461719d0b58a4383b8fce25dfa3980ec5742
5a741389cec9a55e2cfe4f5ba4f306ff7230687c096a401fad0b978c1e85b7b5
6447865a0a68425a762220124ca7a15c54deff5fa7afb11d6d9a14d9d154a417
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
64a782fe60790bf7d4635909cd7a771ab5d6747b36222d415f1d38ba7b091211
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
670decd5bd10da28dbebc813ae18f36fb23d0b25a68c5ce8045ad0939537e1ae
68b488221fba08c1279a8519975343e9d36180e35d4f3b64d6e311141fb4c275
6b514cb89ff3b01b52524153ff2de2033ec3d0624e237d0eab7d114fb6bde11a
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7692160116f65b0ed4892fa6275bdffdcb2d8787a1ba942ee70ce0704905af2c
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868800b1de89b90c7551834cbd3e4a2a752088121e1b61ba07bce73775ea432a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
950078db143193dc85047251bef4dcc7ff085563fe8cf98e14d4b58fb90cce0f
95ba6389ceefe5fb329bf16f00d8299e411f4efea4927c4dc853fd8e0d44c838
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a3bfeb759bc33e947ceffcc57d70d164017bcb0426647bc7115caeecd9ac74b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae20544a2912eeb20cb1749fa9c97c4e3586ef0dc9579b729f656e85d86e23ce
afc0cabd52e86caf0a51e8bd639b9df3a721fb57f439f7ddd3cd64502b67c578
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2df5dad037f49d474f8e753c29ebfb95962caceb9a792125cf48a3dbdc2a680
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bdd99d2c3e8e201d74478aae63335ae605ee193fc052cd650a34c79108a7785d
bedf7b457c24d5b383eacc4e94e836c9379969e56b9b817f99d3d5482793a23f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
cac39331fda1036b58d952e0ea6cc7acb5e9509b52b8f5a870cf0285e05609b8
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf68aada5a36baf3ac95c07dd53ebe86fe710856417dc3d48d28ecf9951913d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5ca0bf742f07d04a8d0d989c0d3f094bc395db2632a0239cd94a1b41dd64ab1
e80770517ccc4f80563fbf11a0a8ace35fd89a2e276dc090c23b73b16e157fa8
e9e047367fc0c2bbd592e5dc978bdeac2929c6c2591b5c6fd39e90de7b4f3a05
ee519845ad25d096974439033bfbfc99578285ab9788287b915940cc7f8d3147
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4894fb425afcd49fb62d006fb1b78f897ebe54fd7c68f44edb5d3ad7ed6965e
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fbee536fb46bd1af26b3cea7359f5c2f018eeb5fd6167ae3f5849ec45b29db70
fc358e62bfe8f3657156a35455f76ac0b6c0cfc9cca9427375c132a809271124

www.binetti.ru Open in urlscan Pro 37.140.192.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

56 %HTTPS

25 %IPv6

49 Domains

62 Subdomains

37 IPs

8 Countries

1196 kBTransfer

2971 kBSize

77 Cookies

3 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.binetti.ru Open in urlscan Pro
37.140.192.226 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

56 %
HTTPS

25 %
IPv6

49
Domains

62
Subdomains

37
IPs

8
Countries

1196 kB
Transfer

2971 kB
Size

77
Cookies

124 HTTP transactions
2 data transactions