friends.in.ua Open in urlscan Pro
91.240.20.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://friends.in.ua/
Effective URL:
https://friends.in.ua/
Submission: On December 02 via api (December 2nd 2022, 3:06:29 am UTC) from GB — Scanned from GB

Summary HTTP 774 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 7 countries across 40 domains to perform 774 HTTP transactions. The main IP is 91.240.20.7, located in Lithuania and belongs to WIBO-AS, LT. The main domain is friends.in.ua.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.

This is the only time friends.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	91.240.20.7 91.240.20.7	59939 (WIBO-AS) (WIBO-AS)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	89.149.200.234 89.149.200.234	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	138.201.204.111 138.201.204.111	24940 (HETZNER-AS) (HETZNER-AS)
3	212.224.112.249 212.224.112.249	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	91.227.52.186 91.227.52.186	56806 (ASCOM4S) (ASCOM4S)
16	108.138.17.83 108.138.17.83	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 7	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.196.39.165 213.196.39.165	7979 (SERVERS-COM) (SERVERS-COM)
24	178.32.210.227 178.32.210.227	16276 (OVH) (OVH)
53	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	157.90.0.13 157.90.0.13	24940 (HETZNER-AS) (HETZNER-AS)
15	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
20	23.79.149.219 23.79.149.219	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
19	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
5	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 4	23.1.110.85 23.1.110.85	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:350... 2a02:26f0:3500:12::1730:17ba	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
45	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
9	217.182.178.224 217.182.178.224	16276 (OVH) (OVH)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
18	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
54	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
15 30	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	157.90.211.246 157.90.211.246	24940 (HETZNER-AS) (HETZNER-AS)
63	147.135.143.112 147.135.143.112	16276 (OVH) (OVH)
15	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
27	85.195.93.95 85.195.93.95	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
144	46.105.200.240 46.105.200.240	16276 (OVH) (OVH)
774	53

56 91.240.20.7 (Lithuania) 1 redirects

ASN59939 (WIBO-AS, LT)

friends.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

kodir2.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.149.200.234 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

franecki.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.204.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.111.204.201.138.clients.your-server.de

stats.myangular.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.224.112.249 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde377-2.fornex.org

aurabom.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.227.52.186 (Russian Federation)

ASN56806 (ASCOM4S, RU)

www.megastock.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net

sholke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.108.120.76 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.39.165 (Netherlands)

ASN7979 (SERVERS-COM, US)

mxtads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.32.210.227 (France)

ASN16276 (OVH, FR)
PTR: ip227.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.79.149.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-149-219.deploy.static.akamaitechnologies.com

ssl.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:12::1730:17a3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.1.110.85 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-110-85.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:3500:12::1730:17ba (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu

euw2.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:2638:1::13 (France) 15 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 147.135.143.112 (France)

ASN16276 (OVH, FR)

mediaintelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 85.195.93.95 (Frankfurt am Main, Germany)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

a.gsitrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

144 46.105.200.240 (France)

ASN16276 (OVH, FR)

data.mediaintelligence.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
207	mediaintelligence.de mediaintelligence.de — Cisco Umbrella Rank: 274775 data.mediaintelligence.de — Cisco Umbrella Rank: 410397	2 MB
96	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 204 acdn.adnxs.com — Cisco Umbrella Rank: 606 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6856 cdn.adnxs.com — Cisco Umbrella Rank: 1378	598 KB
63	adform.net track.adform.net — Cisco Umbrella Rank: 3283 s1.adform.net — Cisco Umbrella Rank: 6735	329 KB
60	criteo.com 15 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 384 mug.criteo.com — Cisco Umbrella Rank: 2665	110 KB
56	friends.in.ua 1 redirects friends.in.ua	2 MB
54	ad4m.at ad4m.at — Cisco Umbrella Rank: 9460 as.ad4m.at — Cisco Umbrella Rank: 25881	253 KB
41	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1456 euw2.smartadserver.com — Cisco Umbrella Rank: 35713 www8.smartadserver.com — Cisco Umbrella Rank: 5350	95 KB
27	gsitrix.com a.gsitrix.com — Cisco Umbrella Rank: 249001	526 KB
20	connextra.com ssl.connextra.com — Cisco Umbrella Rank: 7518	815 KB
18	sascdn.com ced-ns.sascdn.com — Cisco Umbrella Rank: 2493 apps.sascdn.com — Cisco Umbrella Rank: 7075	109 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 626	494 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	244 KB
16	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 832 eus.rubiconproject.com — Cisco Umbrella Rank: 558 token.rubiconproject.com — Cisco Umbrella Rank: 540	46 KB
16	sholke.com sholke.com — Cisco Umbrella Rank: 133840	51 KB
15	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6224	3 KB
15	adpone.com hb.adpone.com — Cisco Umbrella Rank: 24200	2 MB
7	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 14457	49 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189	162 KB
6	franecki.net franecki.net — Cisco Umbrella Rank: 115669	40 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9421	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	40 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	aurabom.ru aurabom.ru	45 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1361	15 B
2	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4005 sync.richaudience.com — Cisco Umbrella Rank: 1809	453 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3665	57 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8649	914 B
2	gstatic.com fonts.gstatic.com	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	87 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 296	96 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	86 KB
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9359	287 B
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2480	43 KB
1	mxtads.com mxtads.com	6 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 859	468 B
1	megastock.ru www.megastock.ru	2 KB
1	myangular.life stats.myangular.life — Cisco Umbrella Rank: 72601	187 B
1	github.io kodir2.github.io — Cisco Umbrella Rank: 150997	2 KB
0	yandex.ua Failed mc.yandex.ua Failed
0	takedwn.ws Failed test.takedwn.ws Failed
774	40

	Domain	Requested by
144	data.mediaintelligence.de	mediaintelligence.de data.mediaintelligence.de
63	mediaintelligence.de	as.ad4m.at mediaintelligence.de
56	friends.in.ua	1 redirects friends.in.ua ajax.googleapis.com
53	ib.adnxs.com	hb.adpone.com acdn.adnxs.com
45	track.adform.net	ced-ns.sascdn.com s1.adform.net sholke.com
36	ad4m.at	s1.adform.net ad4m.at
30	gum.criteo.com	15 redirects static.criteo.net
27	a.gsitrix.com	mediaintelligence.de a.gsitrix.com
24	prg.smartadserver.com	hb.adpone.com
20	ssl.connextra.com	friends.in.ua ssl.connextra.com acdn.adnxs-simple.com
19	fra1-ib.adnxs.com	friends.in.ua hb.adpone.com cdn.adnxs.com acdn.adnxs-simple.com
19	acdn.adnxs.com	hb.adpone.com sholke.com
18	as.ad4m.at	ad4m.at as.ad4m.at
18	s1.adform.net	track.adform.net s1.adform.net
17	static.criteo.net	hb.adpone.com static.criteo.net
16	sholke.com	friends.in.ua sholke.com
15	mug.criteo.com
15	prebid-eu.creativecdn.com	hb.adpone.com
15	bidder.criteo.com	hb.adpone.com
15	hb.adpone.com	sholke.com
10	pagead2.googlesyndication.com	friends.in.ua pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	euw2.smartadserver.com	ced-ns.sascdn.com
9	apps.sascdn.com	ced-ns.sascdn.com
9	ced-ns.sascdn.com	friends.in.ua
8	www8.smartadserver.com	friends.in.ua sholke.com
8	eus.rubiconproject.com	friends.in.ua eus.rubiconproject.com
7	x01.aidata.io	1 redirects friends.in.ua x01.aidata.io
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com friends.in.ua pagead2.googlesyndication.com
6	franecki.net	friends.in.ua franecki.net
5	cdn.adnxs.com	hb.adpone.com
5	mc.yandex.com	2 redirects friends.in.ua
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	token.rubiconproject.com	eus.rubiconproject.com
4	secure-assets.rubiconproject.com	4 redirects
4	securepubads.g.doubleclick.net	sholke.com securepubads.g.doubleclick.net
3	aurabom.ru	friends.in.ua aurabom.ru
2	i.clean.gg	acdn.adnxs-simple.com
2	www.google.com	tpc.googlesyndication.com
2	mc.yandex.ru	1 redirects aurabom.ru
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	friends.in.ua connect.facebook.net
2	www.googletagmanager.com	friends.in.ua aurabom.ru
1	sync.richaudience.com
1	counter.yadro.ru	1 redirects
1	acdn.adnxs-simple.com	hb.adpone.com
1	f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	shb.richaudience.com	hb.adpone.com
1	mxtads.com	aurabom.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.megastock.ru	friends.in.ua
1	stats.myangular.life	friends.in.ua
1	ajax.googleapis.com	friends.in.ua
1	fonts.googleapis.com	friends.in.ua
1	kodir2.github.io	friends.in.ua
0	mc.yandex.ua Failed	friends.in.ua
0	test.takedwn.ws Failed	kodir2.github.io
774	59

This site contains no links.

Subject Issuer	Validity	Valid
friends.in.ua R3	`2022-10-31` - `2023-01-29`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
franecki.net R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
stats.myangular.life Sectigo RSA Domain Validation Secure Server CA	`2022-09-04` - `2023-10-03`	a year	crt.sh
aurabom.ru R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
megastock.ru R3	`2022-11-08` - `2023-02-06`	3 months	crt.sh
sholke.com Amazon	`2022-11-28` - `2023-12-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
mxtads.com R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2022-02-15` - `2023-02-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-26` - `2023-05-26`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-12-01` - `2023-03-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
mediaintelligence.de R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
a.gsitrix.com R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
data.mediaintelligence.de R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh

This page contains 141 frames:

Primary Page: https://friends.in.ua/
Frame ID: CA9CA44137EB4D054B57B46BAF147C38
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: ED6B2BFCD1CFD26EFD763962A647DFB0
Requests: 1 HTTP requests in this frame

Frame: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Frame ID: 657F8FEFB6B510279D3FE46FD606FD7F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1669950374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669950374280&bpp=3&bdt=1175&idt=381&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=356820679093&frm=20&pv=2&ga_vid=1554725003.1669950374&ga_sid=1669950375&ga_hid=246870196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773613%2C44770880%2C21066430&oid=2&pvsid=269038751741260&tmod=1396620792&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=414
Frame ID: BEAC92EC502093EB18C81BA0B283F905
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: D0519446602450A303FA1DA6618D9BF1
Requests: 19 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=sypmjzam&e=1965574524929
Frame ID: 521B21982650B136FEC91FED76D4B048
Requests: 9 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=kuriin&e=1965574524929
Frame ID: 72334BFBA42EE1F328B9F2AB1A0A92B0
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=zxkwnuxhs&e=1965574524929
Frame ID: FB7FFE7CEAEF7541BF7CD42799BBA65B
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=betquu&e=1965574524929
Frame ID: 86A1081CA57255691EE7267C6966A315
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=xrwaiqgo&e=1965574524929
Frame ID: 041E735D3521D7B8BDED53E6B043FDD3
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=eimtsc&e=1965574524929
Frame ID: C812D5799B649E290A71AA9720E5509D
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ylraow&e=1965574524929
Frame ID: C1D7E2B87E7DD36971BBB6DC5C2FD2B2
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=nnibtkoy&e=1965574524929
Frame ID: 5865F63FFEBCDC6A28AB13845A5E429C
Requests: 8 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=vygrucsc&e=1965574524929
Frame ID: 3B3EFDE9B1700F454C34DC8C649E9665
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=efvmujmla&e=1965574524929
Frame ID: DA6F2A762CBD45A0C4C6131A19CB450F
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=mtpwcn&e=1965574524929
Frame ID: 178DC77C1AA72C32E2B2598526855C8A
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=xlgcilhn&e=1965574524929
Frame ID: EA5769A7532A283DB70A87606A775693
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=qyeavrze&e=1965574524929
Frame ID: 373086D9948E2FB4DB91F5A2920F077F
Requests: 7 HTTP requests in this frame

Frame: https://sholke.com/r/p.html?f=ehxbikzj&e=1965574524929
Frame ID: 1092A5961D59B43F625C118E036DF8C7
Requests: 7 HTTP requests in this frame

Frame: https://f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 721F5FF33642077AC2AAA6C1F5C396DB
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1527560491&apnauc=5831884733180408428&bidid=5831884733180408428&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDk=/bn=93154/clickenc=
Frame ID: 0BE86C09A5EF96A7ADD450BFC4DC4E04
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 4A54B8D36B1E35B0AFF9B32D0CA1D5E3
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLdGPQXAV0MAAADANYABQEIqNelnAYQ7OT3ocKIwfdQGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXji1wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFUNTlPWEFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5UTXdPZUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Z2U21RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZocV9JdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNRGxBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWmQgBFQgFQ1ABFBQJMjgwMDUOmAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWIgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDnaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NDa4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVRSU1hXbG9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z1VRT1BuMUFkSTNJRFlCMUR5TDFpU00zRUEBPQUBDEhnQWciQwoMQUFBSRqDCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAfi1wXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=b587211f1f1ce7585ab589dafb8cf017b189fec2&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsypmjzam%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsypmjzam%26e%3D1965574524929&
Frame ID: FD7FB1A1AD1289AE4E9BF4349499680F
Requests: 5 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=276731986&apnauc=2072409584920642530&bidid=2072409584920642530&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?CY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDQ=/bn=93351/clickenc=
Frame ID: 2685127A86024314B6B3F10E3C40AA82
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: A573D0F40DE1040B7102E3A5719EBAFB
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QK9DvQXAT0HAAADANYABQEIqNelnAYQ4oe9kpmxq-EcGJrg8Kii_5P1bio2CQmPUgmaO88_ET6_TlNUS8A_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXin2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgLdBCFsSC1wcmdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFEwTk9BRDhpLUFCS1NqMVFtSUJKMm0xUW1RQkFHWUJBR3lCQWtJdnVvUkVMcmhvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHIaUFYRUtwQUYtSk5RbUFYOXY4V0ZBYWtGR29hUGlDbVI3ai14QlFBQUFDQ25odUlfd1FVATogZ3A0YmlQOGtGAQ0gd040ODdqX1JCASgNAQAyCSgBdMh3UC1BRjhNY0I4QVd6djZzSi1BWDM4WjhEZ2dZRFZWTkVpQVlFa0FZQm1BWUFvUWFhbVoBAjBudFA2Z0dCTElHSkFrAUkJAQBCHc8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFmaHJGSXc6YQI4SXV5bFFFZ0FDZ0FNWnFaAW9cbWUwX09nbEdVa0V4T2pVME5EUkE4aTlKAVwBAQw4RDlSAQgJAQRCWgkIAQEEQmg5jQQ5cAESCQEEQngJCAEBQa0uaQLwPjgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzY4MTM5NDPyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARRkCTI4MDA1OTkwMfICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU0NDTaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU2Nzi4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVRoU2hXVm9Ba9hEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpdUxIfT8MSGdBZ7UjDEFBQUmtYyxKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAen2QXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=2621fff746315cf08676339e4ac27bbd11a27745&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dkuriin%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dkuriin%26e%3D1965574524929&
Frame ID: C2C531F1909019B4FA6CF6FA50559C00
Requests: 5 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 2E4781B1E0447078BD763AC13DD51E2F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 4DE3A562A22D25BDDEAF1D3E5D1E6701
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 6791353CAF95D8C817C0E137754F1386
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1149004572&apnauc=2726967389647139504&bidid=2726967389647139504&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1NTA=/bn=99138/clickenc=
Frame ID: 63AF63CCF2787C1279433894F6A6A88E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 6C0F5F085D98814DA5AF049C318105E3
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLdGPQXAV0MAAADANYABQEIqNelnAYQsOX378jMiOwlGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXjChgaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFNWjgzUlFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5qVTFNT0FEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Zsak9RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZScUZJdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qWTFOVEJBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWmQgBFQgFQ1ABFBQJMjgwMDUOmAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWIgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NTDaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU3Njm4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAUtoUUVVMW9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpSkxYRUEBPQUBDEhnQWciQwoMQUFBSRqDCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAfChgbSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=5428f88471dc607fed62575431bf6259723ab326&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Deimtsc%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Deimtsc%26e%3D1965574524929&
Frame ID: C85A51F9179167EB2F07EAE9745731D3
Requests: 5 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: AC964AA2A84886C71CB616850A0A1545
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 5C9F906B6DC98D6DDD74F7022364F51A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 075DBCFAF99A273E71C09041A6F567D7
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 8653CADB3F0F610C9731FFA5F9A7CBB2
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 571B9F02A3BC5288852E5CB3250EC138
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: F8AF1DF96B26D40C0F086A686B30949C
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: B4F19F2A59989B5EC3BD10B51844DD5E
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1055645968&apnauc=583709661498270404&bidid=583709661498270404&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?broM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjM=/bn=93179/clickenc=
Frame ID: 3C3C4BBEAB16EFC2E55700E041FD68F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 62CF6417B7CC28C392024AEF456743BF
Requests: 3 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLhGPQXAWEMAAADANYABQEIqNelnAYQxMXFjIOb8IwIGJrg8Kii_5P1bio2CW66DP9BocQ_EeJPtP5-hrU_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXj71wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgKBDyFFYUIyZWdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ-hMb0RDVVpTUVRFNk5UTXlNLUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHZ0JCU3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EACYc2dRSkNMN3FFUkM2NGFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBoX4FAQBJASw8Y0VFdUI2RjYxRzRual9KQgUaCQEUMkFRQThRLjEAkGdGeXltUUJmaVRVSmdGX2JfRmhRR3BCUnFHajRncGtlNF9zUVUBPSBncDRiaVA4RUYBDRBJS2VHNAFcAUscTURlUE80XzAJKAkBBE5rBSgBAcF88EBCZkRIQWZBRnM3LXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQQFJCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFlaHFwST6FBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNak5BOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLo0H8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWnQgBFQgFQ1ABFBQJMjgwMDUOnAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWJgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMjPaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMTi4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVl4Ul9YVm9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFqR0tYRUEBPQUBDEhnQWciRwoMQUFBSRqHCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAf71wXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=07e6b77a6b8d58398d3479d60140a8e86a29b892&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Defvmujmla%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Defvmujmla%26e%3D1965574524929&
Frame ID: AD58ACC73BCE883BC4852B1FB808B9BC
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: AAB56FA084D4A1640349290F08F661F5
Requests: 6 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: C602A0E9C5B8A8740BB1D7ECB578DC7D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 04D537D30E5BED8F1916E002CA4C0AB6
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: ADAAD0490478D12AAF1A820B0FEC7A95
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
Frame ID: 402A0DBBD612E51E7205F1993E689300
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
Frame ID: C6335879DF6E25FA1A1DEB7D2C436E68
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
Frame ID: CFEEB81182A75A8387D2DD34E1ADBA1E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A41E1B44A6C2853D2CFC9701B19D8F9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5750CBB5A64DF8E3F9CC7D3BA1C50EE5
Requests: 2 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
Frame ID: 874EC67274FE083CD38AE1BD17F18D0B
Requests: 3 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22a48295f4-ebca-4b59-9dc6-66741ee21255%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 0DCC47568877E1D6B3FE4AF3322C3C68
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=Wcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw;rtbdata=GSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Frame ID: DFFB5A86F468D4526DDE3B6392D2E18E
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22efffad94-058f-4631-9e54-c8956765c4e8%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 647B1A449DF9C403D80B03714BC58762
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=GvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA;rtbdata=_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Frame ID: D9C4BC769E493E3605813CF0A141FE8D
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22a801f5eb-14a8-467d-973d-51f31c79eebb%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 2F249C4B12880BB50D8258101F961EAF
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=M9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw;rtbdata=KaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Frame ID: C811B5DE50C9B2B6CE6D727937E85C68
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2203d07b6c-fcfb-4196-b8a5-ed5b055c188d%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 52B5173A0540E02A38B33E52B11507FA
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=nC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw;rtbdata=MX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2
Frame ID: E77066673F5B73464B63414B4F9C439F
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%228e19c86f-b8ad-4f87-a7d3-fbae043682b3%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 5B319F804A9F2B11E3A5996ADD5E3D07
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=x5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w;rtbdata=YaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Frame ID: 10702E0056DF3E5C1411738B202E3332
Requests: 11 HTTP requests in this frame

Frame: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1037144864&apnauc=2384857886618493010&bidid=2384857886618493010&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?j41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1ODg=/bn=99262/clickenc=
Frame ID: C41FD4B4589EB1A214F07DA8D9BCD0AD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Frame ID: 750761A201204ED740BFB78CE485F2A3
Requests: 3 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%226b7d8b51-7be9-4237-8876-2189d02db876%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 9C77653C39198EEA8C10AB28E62CED14
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=KPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ;rtbdata=0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Frame ID: BCE1D433021B1802F8683B61B0C2C398
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%221fc5b950-6c80-47af-9cd4-376cab6b47c7%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 249C9D70D403D5656D8D32AF6987F94D
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=DbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A;rtbdata=sZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2
Frame ID: 2AB9BF9AEDDB9B8C6F0CFA79E9BFBED7
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%225f4e11d6-cde2-45c2-94d5-f4e81677e859%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: E8FF51277996B6682C5D28904C6243A1
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw;rtbdata=zRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Frame ID: F8CB4268180DE3230918739838E9E9CD
Requests: 9 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22c25f301b-e2ef-456b-8988-418a936595ed%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Frame ID: 0FA905FA8F03AD7560B32F0CE220FA57
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59619775;rtbwp=Es49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA;rtbdata=4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Frame ID: A069EC6BDFB87BE46BD70145AA882FC7
Requests: 10 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
Frame ID: 7E8D3F57E8D3BCC2A9A98F50BADC5A3F
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 083AD4875CBB3BDB1D0CC10D885788FA
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 78F702544D2E0EB7093669B3FC5B1FAB
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E0110836713B7B97D17245D397CB8E84
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E3EA442C256EA50A0659E8544378EB70
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 96688CAB8D9C4E9570E46D8FACC23133
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7E52816E5EF9236E3BD22E0509194B81
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 182ECD6556BF6E5B30EC1E9B1F216EA2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FB160F07F7339C2B17023D7807A1801F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 30A58EE3577A96C47CEBBB1DA75F56C6
Requests: 1 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=VIBOOM&v=1669950375400&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=939567fc4818438ea58e668371c0069a&__upin=ERjBqPFO/Ml2WZymwihJGQ&id=9a55578d4f950aacbea7b1d918835f8a&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: 7B450801834B371B79F3079A788D1C5F
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 82773E24FF50DF5C949D7D3035A126DC
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 758F19BBDCAC83F767D25697E3A59CBF
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 8DC494F58DCAE09C059CAFDFA072DC81
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: EE2AF6B3D926136F7E20AFF8079A9245
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 6E3F611C159A30DA0C091F61989B95A9
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: F33455F16284223269CCF33286BA3665
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 167EC78050D7748C3CA9B10046BA98C2
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: BA8245F5CCAC1F6FDC1016D7BFA3D3C7
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 638445762A5931E4DB4B0130533FF072
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: BA0399653D87CF518D2FBADC0549018A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E7B82B6B914E5EC4AB2D4B88243F36E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32556D8ABA97B8503DE77212BB2C865F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EB1FBFC7A90FDFDB1A4259148FEF1039
Requests: 3 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: 0F1D6BE4F77220059D8FC9B4D02BBDDF
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3156E3F163FC1DA8255212F8199FF03E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 15C060ED37D5D38EDBBED55E42DC4014
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 671218F53BEDC3A57E6C4DEFEE5EA0CD
Requests: 3 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: CAB4AD8248117501D77A05B19C452158
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D55B9DB5729D4CA97B5D3E3ADF04A0C7
Requests: 3 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: CE47F1E43AD2243E98446D1F86864D9C
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 56F955C451B24323FE9D0622B46CF42C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BBC95C62032DBE5AEB0EED2B66464268
Requests: 3 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: F8A81D028043476EC7EB53D7B839A859
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AF2A2B76F0539CF37F31C2EF99572FB3
Requests: 3 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: 3DF66D6C7093AA598143BF0E9C5D127D
Requests: 8 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: FE4CEEC13AF6CC87DDA57666A4A2D305
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 095378EB8FB549F89C3F479A212BB079
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 587B6C38EC3BB2EC2687920AE60AC023
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 90BA3866FE5BFAE43A8178FBCEA35286
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F603DFF6495012E3D100B384FF1C527F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E4493983C7E50FA0C6872BF5F67296B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC0B1F30F1CDB3C712F11C3E52B0B1E3
Requests: 3 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Frame ID: 08373FED84EEF35C956A80BD1F4CBD5E
Requests: 16 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: 7856D7FA1346447CC60F72886DB15E37
Requests: 8 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: 5D045B56264FB842702CFB9690BED9EA
Requests: 16 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: 6D53AFF385A8EEECCBC506812E3A582E
Requests: 16 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: 0304E446D27C877E3F5C9CEEC549E87A
Requests: 16 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: 17D00FCF21E141B53D2E7A8C62C75BD5
Requests: 16 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: 2EFC522DFF354043E618071B73E5E8C2
Requests: 8 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: D52DBA663185D62FA9B8C3F0B0335FCF
Requests: 16 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Frame ID: 0B963A4C012F7613115A8FCAFAEB2961
Requests: 8 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Frame ID: 7F8ACB69FC896D61F994D59CFA8DFDA6
Requests: 16 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Frame ID: 4924B933EF380DD33BAFA68360A1B0EF
Requests: 16 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Frame ID: 17CD80303DC8DD6344DE0B1D937C4822
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 46767C6FEC980759C9FD33A195189D56
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 462B0D3AD9B7D4D78F42A9A2375B31F6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 5774317F8113EA74033DC37BE22B62B3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 39875FFCAABFF6A47C4A84C9BA360ACC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: ABC6C4A61BC9B46F8FEC3B5187E22FDE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 9C0EE09CD62C5EB0FA9DBE64E28A162F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 09A6D12FB97BBDC591BCF13C66B7FCBB
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: D8132B82D2B2C36131A00B7AB8AC3020
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 7D30F1F63F20E4AACB6AF58B3040EC4F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 2DB4D1D20B8C542B00E96381D4C2FED3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 10C20D676441C027A449838EE1CB71D5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 9EAAF02CD572C900C96CAA165090ABF4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: E62F7BB5B266A1F610C85AF45863CDA9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua
Frame ID: 74106A931A460F6763076C194D66E889
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дивитися культові Серіали та Мультсеріали українською мовою онлайн на сайті FRIENDS

Page URL History Show full URLs

http://friends.in.ua/ HTTP 301
https://friends.in.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

774
Requests

97 %
HTTPS

43 %
IPv6

40
Domains

59
Subdomains

53
IPs

7
Countries

9947 kB
Transfer

20710 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://friends.in.ua/ HTTP 301
https://friends.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734 HTTP 302
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734&pid=VIBOOM&js=1&show_js_referer=1&bounce=1

Request Chain 109

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9839.JNYqRkw0yZdvv8wfGOaOj3SLf3K-YwTfgOknnjoYra57TYueEYkXTSbo_0T0wszQ.gvjypjt8WQpbHsaFMMtvAAB4uqQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9839.7ikry0vRFE5rJIa5MWT26PYjy9YGZm_vnvS5smskfJkJSKirrPQBwq6R4ajc_-3qJy22jxG6MzvLMDIxp_EZRdbyldvVYfjsRq9lTVxdhOc%2C.9bgfeftB3fdppcT00XOGTeubTZo%2C

Request Chain 196

https://mc.yandex.com/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1437930491072%3Ahid%3A669828487%3Az%3A0%3Ai%3A20221202030615%3Aet%3A1669950375%3Ac%3A1%3Arn%3A604806634%3Arqn%3A1%3Au%3A1669950375958593397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C562%2C54%2C147%2C0%2C%2C1139%2C13%2C%2C%2C%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1669950372278%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669950377%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1437930491072%3Ahid%3A669828487%3Az%3A0%3Ai%3A20221202030615%3Aet%3A1669950375%3Ac%3A1%3Arn%3A604806634%3Arqn%3A1%3Au%3A1669950375958593397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C562%2C54%2C147%2C0%2C%2C1139%2C13%2C%2C%2C%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1669950372278%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669950377%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 217

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 226

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 228

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 240

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 406

https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 451

https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Sws-Ynw4M2paMXo4ZUVDWXFBSElKYW1QVUlhT1NoeDBlVW9GMEFYSUFnOUJzcm5HaCtOcDRaYlhIQkIxNjRkQ0dUZVhTUnBnMDNjakY4TUtCSnZoMnZWNVRpbFgwSFFxbUJ3MVg0Tm8yTGxBQ0xMVlI0bjI3U0YyZlVaVU5uQ0llVkdVQU9nZjI5NDhPQnVFYmxnaklhT0NIanJtZDNCNWtTT3cyMElIN09BdXY1MnJLdzROSkM2UlBVNVdWSHI3dVVmRHVZUlFYaUdGdkUwK1NxeEw1V0FpZHExaDc5d0Z1WlBGUlJOdGpkU1ZhWjY0dHczQTZzb2w4VXo0VFpEWlV1aWQrTFRGaVNJTkhCb1ZVbXZ4VDN1SVFzdz09fA&cppv=2

Request Chain 732

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=rSUrn3w5d0tzWElSR1ZNZmpOSXU5dVI1aUxsd2FpSkFYRFhsK3VqUlBRYXd0b0YzU3JXaXF4cTZPV2s3akF5TVNNRHl1MFhPdVZLd0tDanp1aG9rNjJQYkNLU3BQMHNSQTNHVEd5UzNibC9PUGI4ZVU1RllaMFh3MkhLNUJPQzZ5TDdnSXhHalp3R1NSU29yMFZEVFpGNndGUHRXZS9XVzBNb2pBVWtVdi9EeVpINzBnNXRkc21NU1BZc0NCdjZuSmZucnBSKzRzZFRzQ2dEc0Q3MW1jcHJGK083SFN5MTA4eU8za283c04wMDBZb1ZvQVJpSE5mckIzTHlROGlmcnBjbGtQdlNRVno2VU9UdUhGQ25JYkExNmlOVVoycExzbEhvS2hjT0trcndacTFXYz18&cppv=2

Request Chain 737

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzlYdlNWYWszd2NFcHBPWnElMkZFcUFoVFBKZEFJRXoxVzByJTJCJTJGS1YyTFhnQ1lBV2pONXV6dkpSemJyNiUyRlF3RFFGRjlaZyUyRmtINFo2a2hhSjdRVGclMkZXS3BqbyUyRlFnbGsxMTJ4YjVFdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=k4S7pXxqQVR2a2hqcGhZNk5QZ3ZNaHFmVWNJYVhkTUxrSW5Kbnk5WkVwTjJmNXoxL0JFcDlRMWZmNkFkN2pqSForRWUwOVNXM3hTdnVKRG1tbmdwTmIvNzY3RDBYNy9yUnpWSWx5MzFKYzdVWDJIWkF5VzVqSHJIY1pFejcvTFZqR3pkUThzMFJTekt2U2ZPUTNvV0hTSTBzODdnWlJEZkQ4SnlRWkwzbnJvNGdpUEJaN1k4dDA2Uk1wcUMzaTFFMER5SU5mYzNCMVhad0hvS29adWFCK3dHTnRrVklmV3FtdXpzNlo4My93QUFpUVRBbUFFbWhSOWcvZ1RvYzVEL2ZLZ2tpdVlQQ3Y3clc4endjcnlhL1JldFRLUFVhWmtsYXJYb1Z1RmVzTjVoV0ttST18&cppv=2

Request Chain 742

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzlYdlNWYWszd2NFcHBPWnElMkZFcUFoVFBKZEFJRXoxVzByJTJCJTJGS1YyTFhnQ1lBV2pONXV6dkpSemJyNiUyRlF3RFFGRjlaZyUyRmtINFo2a2hhSjdRVGclMkZXS3BqbyUyRlFnbGsxMTJ4YjVFdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-6vKpnxXanE3UGdCUzJrSHNrVzFwWHIyM0VnNmdtYjN0V0hnUjJKQTAyZzFZd2dDamViYXE5Y0d6c3BQZkw0QzJjaW1LM1pmWk82TTVrcjdjNkFEcG52eVRzMWZMYUR5aEMycE5acy9oeGVIREtXbDRERUdTY2JhNzBrYmp3ZkxLSVVFMWYxbEkrK2JpL3hQbGZnbUxZUFlaMXhJeDhOUE9vMUE2eGo5bDdicTUrMWpXM284Nksza3pnRHBQNWRDckVpbVRZdERsZ1BackJrTGFmWC9hU1R1NktxcktuV24wbFNLUmFJc3pqRHBGVGF6Q3d0K2taaFV5UE5mL2JvT0p2enQ3Mjg5Rk9SODZMbHdpY0lkamFieWlCMjh4Um9DTlFHd25zbUFEVFdFdm1ucz18&cppv=2

Request Chain 745

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzlYdlNWYWszd2NFcHBPWnElMkZFcUFoVFBKZEFJRXoxVzByJTJCJTJGS1YyTFhnQ1lBV2pONXV6dkpSemJyNiUyRlF3RFFGRjlaZyUyRmtINFo2a2hhSjdRVGclMkZXS3BqbyUyRlFnbGsxMTJ4YjVFdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=K3BUhnxaNDVEaHFjL1Iwc0RtQ2NNWXJXZG9TK3RUeWJYSFNGb1k5dzRxWTBZc2VOTG9SWG9ycS9VOHU4TTNFdDRWNEhtM2VoWVdCRXFJRFBVMmVadDFYVWhZLytjeXpZaDZUSHVnM2NZajR4d1l4Y3RZei81QTIxcVNjVWF2enpHLytwRCtWV2p1NVVBL2xJcjkvcFlGWlBrZDRsK1grYVBYM0ovYXdCRUcyZTZkbGVBblVVVWRoS3RBSlUrUkZVbXc4enhycnJxbU9Sb0RlL1ZDbERNL0J2MWR1M1dmdVd4RTdJMlRFRktpSzFsZmJsaVlwTHptdnlnUmE1WGoyOXdZQUFsU25Nd29mczh6NUV3TjJpNnNIckU3ZDRFbmJrYlRlell1N212MG45dTljUT18&cppv=2

Request Chain 752

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzlYdlNWYWszd2NFcHBPWnElMkZFcUFoVFBKZEFJRXoxVzByJTJCJTJGS1YyTFhnQ1lBV2pONXV6dkpSemJyNiUyRlF3RFFGRjlaZyUyRmtINFo2a2hhSjdRVGclMkZXS3BqbyUyRlFnbGsxMTJ4YjVFdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=xqlp3XxndzBtcWMwZ2kxVHd1SGgvQjBZOHVxaG1ldHJsUHJ3S3p2ZEdlS3A4azcwN2lFemg0a0FTVUd1aDFnaTlxTWl5Z1NsN0pKU3liV2dROVJEZVluMFA2TDI1eERnZXMvQzQrM2orZkpjcnBNdGZkNkpkOXhTRWZLMGRORCtRSThRWU42ZGQ3R1c1Y292cWlGWm9uR3NhK3ljWFM1dXBVL1VCcU12QmwrNGVYWGl0ZzR5QnNyM3dva1VZN2loSlFNWkJtTktJYkoxK2o0ZXJoMG1JWFN3cTVDNjR2bFJscHJtNEJqY1ZpTFRFMTJkZGoxQklxRFFzNnljeTRic0hLejlvUlRUc2VYZHlsM25BM1NVYW1LUmw2eTdHYzJQY2VLTFpTcCtGZExuRlBIYz18&cppv=2

Request Chain 762

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=0Stu_F93NzRQbk5lalVEa0dyNGFUWnJDalFxVWRJNyUyRmVBb3dvenBVU0FPWEdpMks5dEhMMkJLT0lzNnBEQW5SZ1R0TVdJQk9NRnFXa2VCbFRqVDdsNVYlMkJjd0JtYkk3Y1ZURzR4dHVkUGxNMnR4Z3lzazVBaXlKbUx1a1R5aDFlU3UlMkJsUmViNnkxZnpnZ2tJZkhmRmRldEhTeHclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YBESJ3xUWVFmaEJOeW5Za3BiVXlRMEg4TzZEVnlqYUc5Y0ZXWlpGVDgzSkRXdmozZHowZnpVdkc4aHJMb1RaZDVPN3NCMkkwNEU2Z3BzSXdpZEVzaldhem8vc0t6ZnAzRjl3WWUzcDRFRWJzWXZoaDFJMmdiOHZpREEra1JjZDJmRDRrUDRmQlFLeTF3WHVMYS9NUUZyU3ZudEpQcDBBeFlwVUhJZEFBdFhZMnhiUUlQcGM5aUJKMkhoTDlEc1JSbkNRUFl0RlV1d0RzVWFsL2NJMGJlV3h1d3NpbFVVVTdoQk41OE1qcG1KV2dMU3lKZGF3dnBKalR0Z29WUUVIZnNXemVEazkyTlNtM0JQZS9FRU12elBZeDVvaGNKeUpaeWVqd1o3RjlBQVRvRlpCND18&cppv=2

Request Chain 763

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VytuNHxxQUVERjUyNmd4ZlR6Q1BvOC9FK3UxR0RhZE95WUF4UGtldFg2ZVZtb3o5QlZuS1pDOFJZeXRIelU1bllpaERydURpdVdINnBwTHFiZEZTcGVGdDBheENaTG9tTFVnaDJUU0hPT0FEekh3OFpNOVJla0VOMHlrTGFoaU81T1J1N1labG54dWorN3RJSitQVmZtZXFFSndrSUFpYXU0R1FXRkovRis0ZWtZeUhxbUFGeHNBTW1hTnYvMmZxQk9SY0VEaFAxL2h2cUpRT2dVM0o3VjU5UEZKUHhOMCtHTS91UVVRQU1EejhKUFdpaVpnb3YyZWg2VDBuUTRzdXR1d0FrU0pGd2Q4QXRVU1F5eVM2U0loWFRSc0w4YkVHN2JNMTFJOW5rcXJKRk5BMD18&cppv=2

Request Chain 766

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=TFUnwnx2Ti9RYVRNc2ExUlQ4aWFwUitIT0JmbW9RdWVYRVkvR1lNVUwrVGxGSndFdHFMMldiQXdBZTNFeTVsL3RObElWNHR2QVYrbTlIanR0bFZtZzJ5RTNyakFuT25LbE4wam5HMFZ1eGRzMUlSMmRXQWkxQjFUKy8zNzJJQit2NWpza3g5VlVtb1plVzAyR3FXWmhuTndsdjR5ay9SN2o1ajRLSDZ2S0FJaGJBbkdueUp5akRlQzJUYlBZRW1YendPYjZSZC9MdlFuTUtYVW1WUVZDTElWUlQ0OWRrV3ZRb2dBM1kyaDRvMmQ0RENBQ1A5eHI5OTRTS0dpaWtiQkNta1RaVmtZUFBqWU9kdFUzTk4va0MwRGxDVlpnZzhEMCtNdUpSbEt5cmhPOFY5az18&cppv=2

Request Chain 768

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zeMlInw0cXVUUTZuOWpPc0h3K2FJdVhMeFdRdUp4dFV1TDQrbER1dFg2YmVHVDVFcm9LNXlJMldqOGhLOEozQ0duOUI3MG1taW9naGJNTXdOcUxhenNMN3UzQTE5NW9WZWVkTm15OFNCRGtrZG0zRlRlRE9xWmZEZjJ5aVZvMDYrMVArVm1MSnQ5MERsVDhXMUdqZUhkcTF4UGw5RDBwSzBmN1NKOTk2QmxGdFZkek1XNGk1WTdqWTBaY01EUlJvMzZTRU9rK21OeEFkaUZqVVBPVTNOM3JvU01SZHZKQTd6blFTQW00ZHhWNUFQbEREMWk5YnovNGRXdUIxckp6MTJvWW9sb2UwQkRXRlZBRTZQZEZiaGtnb0phczlpNlM1RzlvL1M1cldQRjg2aFdqWT18&cppv=2

Request Chain 769

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aZnc73x2S1ZFZStWUEM5QVJKQjZuSnVqenZBUlhlaTEyQzZ2bmZMR3Z2UnJ2VG9VeE02ZHNHQm8rdExxZ1JKNWkxMktZV1VWZktHeTF5Nno1NUg2elFkVlV3RHZOM1p4bUhhbXZ2empqUTVpU0x2Ymx5c3dGaS80V2dwZHcxVEhoZHNIbjBFbnZxTE1FVzFzd21NUFVnNkFQL3NROFluK2RHUGFNdEl6cG02VEV6dzUxeTNhL0lyeWVYSnRHT2ozK1dWZVlwOWtQd0gvZkZEU25mVW8zZHVBV1FxVEpDMkxIaG1keHNIRXlEVnYxelNhc2s3QlNmcDh2cXFCUXRIb3lXNU9sZlRrTWlxRTdhek50LysrNVJHd3lySGt6akt4S3k5dnk1Tmh0WGRYWXlIaz18&cppv=2

Request Chain 770

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XjAqtHxvZXJweUN3Vlhia1UxSkxhMVcwVDhwTy9lY0VYS08rTCtiODhlRHcvVi95WkNWTGJrSmtYblI0V09oZVNMVkFNZ3dLY04zdDBNTDNnNjl2eHozWWxiaUpnanN6NVJZOGo0ZTZIOUtkVzBmQ1VvWVo5UC9udEtldEN2WE1TWnB6VGZMcGRPSkFVVjRzT01iTFBna2JlVDNsVWgxV1RJb0Z2cDI4alRvVXdoZ0ZZMmdPaHNGd2ZhRGlqbXVnNVZLaXU3UkhrRU4raXVhWHB5dGdkaWdnQUxQNitraExoVGtRYTlBWTNqbkNDRFpyZkJRS1ZYUXlFWkVETGlTZTR3ZEV5bkFNTWNUTTZLZTlvMXRIdnRjakhQanFlVjR1c09WT0FPSzRyS0NFbkVEWT18&cppv=2

Request Chain 771

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemVlc2k4MFlLJTJCREQzRCUyRjkxYk4zMnFHN1hRUXJZaFdNOXlhcWl1Y3M4WDNQbTBnRDU5cEtGNFZzejd0eFZFQlZsQ0d4NGJtUlVHMDZaUFkyVWZmc01ZSWhDUmw0cEt4VG5YRHZBJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=eB0XAXxwNDIzMUdIL3k4TTZ0d29OZmZaYlk0NTh4MjBXUDFCWjFlYk9rSXBnM3NaUVlkU1QzZGFXeVpJckQ2Qlc1ajZvdCtTeFBxbkcwb0k3dTNOMnMyVll1L1BwUHhJV0toZSt4UkZiNEU2SDBLbXFBWTBxZnBYOWdsVW4rYk1zelhMTktXWmlnbVpXd2dvTXZOdEdWQVY4MkdqOTZBQnJaNnJDck5XRUt5a3NzaE1hUHRYbEFlcFVMRVBrSWVGSTdiTDFWUjZEVTA2ZFY5QzFaeit6WjdYQUlDYkR6cnZUYVVKWE00eWs0MjJqK0FrYW5aZ2todjV1dEN5NTlGL2FEYTFoR3NaS2ZRUWduNnhXZnZQNTQzZ1hqWUhHUUFYSGUrT1BVQ0lYOGN2VEN3UT18&cppv=2

Request Chain 772

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=rrhE6V93NzRQbk5lalVEa0dyNGFUWnJDalFqZ1RhY2NPaiUyQiUyRk9JNW5DRHhURExrR2ZwOGwlMkZHS1h4ZmdRcUVMRGwlMkZ2Tko4S2V5NUh4JTJGMDFwaXBleHhhcVhmclZjRFBmWE1FYVpzcSUyRkVoaGdlbDRyejQ5WmJxdHFXMERseXdwTjRaTW1FeWFzMGlDbEVuU2R3MDEwQ09jNUNoYlElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QJkISHx1SjZMTVJ3OVgyZkpURVExYnBzR0VHYkJJVmtDUm14OHg2bjhwU01uQ1hWTUZTa21PY1VpTmpZa0h0WUVWRFNydFdiREw2Tjc4cFVXMmtVWW5IbGNrbitUNHc0VEZBRXVINlVrSHlIamp2RGpYSjRlV1hWZjVFTHpzS1JOVnhaMDV3RkRqWjdHNGI1Vld6WHhLOEJWczMrK2ZhWG04K285L09qVFJFSDZEV1RIZ1pDcFlJM0RoUWlkMVhTcllXd3JvNzFpUXd2eGVGcUs1cTM5djBFcENUTEZZNW8wcjl4Wk1RUUJxd3NKUGU2MCtiRXZOUHF6Smk3eXQraFVodzhpejVxbjhoRkxxVGZqU1U0VkFPS0grZ25YM1lNcVBtNm91NUpGVFJYV3Myaz18&cppv=2

Request Chain 773

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=rrhE6V93NzRQbk5lalVEa0dyNGFUWnJDalFqZ1RhY2NPaiUyQiUyRk9JNW5DRHhURExrR2ZwOGwlMkZHS1h4ZmdRcUVMRGwlMkZ2Tko4S2V5NUh4JTJGMDFwaXBleHhhcVhmclZjRFBmWE1FYVpzcSUyRkVoaGdlbDRyejQ5WmJxdHFXMERseXdwTjRaTW1FeWFzMGlDbEVuU2R3MDEwQ09jNUNoYlElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=J8_RqXxTV3ZndzFwcjFWcHZRVmlVeFo2OXdZZlhJbjB2UmZack5XZUtxYThSanVBWlBwcEppYkhKbGduR2VvQjFLNmpza250QUdNb3Z4ZExEczRUaHFYVkxqMFRIbkoxbmF0N09YQmtPN0N6NUZOUCtvZmNHeDkyNDFQTVZZSkQwNnZwdHFlL3BpaVdnSkxaekd6SGdBaDNMc1h0bi9xaFl1Q3d1bXRockpyR1dleUlmUCt3Rzc1TjNwQ2VqRm9xSFhKdzNQVmhiazJCMjJ1cUNNTlEvSEQybCtpTjZxdWp5eHNPMi9WdWllb09LeTBZZk5jekRnYVFWUm1UbkZ3ZEZuK2lmSmJ3dFJFa3NxSFpEdmlKYURaSlZCYWF5RVo0Tit4ZU1mN3AvLy9lU0grTT18&cppv=2

774 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
friends.in.ua/
Redirect Chain

http://friends.in.ua/
https://friends.in.ua/

35 KB
12 KB

678ms
561ms

Document
text/html

91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

3148b2bff9ff38f61cd17324a0b2401d8ebaff539f4cd5d2f044da868acbb42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.16.1
strict-transport-security: max-age=31536000;
x-powered-by: PHP/5.6.40

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:12 GMT
Location: https://friends.in.ua:443/
Server: nginx/1.16.1
Transfer-Encoding: chunked

GET
H2 200 actualize.js Show response
kodir2.github.io/ 3 KB
2 KB 638ms
199ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kodir2.github.io/actualize.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: 293237c7b5b7e0114bd302da12be4e5e19c3e0b5
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Dec 2022 03:06:13 GMT
age: 41
x-cache: HIT
x-cache-hits: 1067
x-proxy-cache: MISS
content-length: 1531
x-served-by: cache-bog2260033-BOG
last-modified: Thu, 13 Oct 2022 10:51:59 GMT
server: GitHub.com
x-github-request-id: 64EE:53DF:D3B2CE:11A55E7:637F70ED
x-timer: S1669950374.640155,VS0,VE0
etag: W/"6347edcf-c36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Thu, 24 Nov 2022 13:36:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 188ms
66ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-60815340-5

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b64809d2582058d4a3c20246175017702c19cc81f133991440291cb5012d309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 03:06:13 GMT

GET
H2 200 index.php Show response
friends.in.ua/engine/classes/min/ 205 KB
61 KB 163ms
156ms Script
application/x-javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/engine/classes/min/index.php?charset=utf-8&g=general&21

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:31:36 GMT
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
etag: "pub1497792696;gz"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
content-length: 62137
expires: Sat, 02 Dec 2023 03:06:13 GMT

GET
H2 200 grid.css
friends.in.ua/templates/StopFilm/css/ 17 KB
18 KB 61ms
55ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/grid.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 11 Mar 2019 19:53:00 GMT
server: nginx/1.16.1
etag: "5c86bc9c-4559"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 17753
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 style.css
friends.in.ua/templates/StopFilm/css/ 11 KB
11 KB 117ms
110ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 08 Jul 2019 13:20:42 GMT
server: nginx/1.16.1
etag: "5d23432a-2a87"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 10887
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 engine.css
friends.in.ua/templates/StopFilm/css/ 59 KB
59 KB 117ms
111ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/engine.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:12 GMT
server: nginx/1.16.1
etag: "594681cc-eab1"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 60081
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 style.css
friends.in.ua/templates/StopFilm/stylesheets/ 31 KB
31 KB 160ms
153ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/stylesheets/style.css?v=1.0.5

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 20 Nov 2019 22:48:43 GMT
server: nginx/1.16.1
etag: "5dd5c2cb-7af4"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 31476
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 font-awesome.css
friends.in.ua/templates/StopFilm/css/ 27 KB
27 KB 160ms
154ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/font-awesome.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 02 Jun 2019 00:17:35 GMT
server: nginx/1.16.1
etag: "5cf3159f-6cff"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 27903
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 responsive.css
friends.in.ua/templates/StopFilm/css/ 7 KB
8 KB 160ms
154ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/responsive.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 20:34:47 GMT
server: nginx/1.16.1
etag: "5cddc967-1d2d"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 7469
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 pushy.css
friends.in.ua/templates/StopFilm/css/ 4 KB
4 KB 160ms
154ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/pushy.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:12 GMT
server: nginx/1.16.1
etag: "594681cc-f08"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3848
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 buttons.css
friends.in.ua/templates/StopFilm/css/ 18 KB
19 KB 160ms
155ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/buttons.css?v=1.0.2

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 21 Apr 2018 21:44:52 GMT
server: nginx/1.16.1
etag: "5adbb0d4-4994"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 18836
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 slick.css
friends.in.ua/templates/StopFilm/css/ 2 KB
2 KB 160ms
155ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/slick.css

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 08 Mar 2019 22:46:03 GMT
server: nginx/1.16.1
etag: "5c82f0ab-6f0"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1776
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 slick-theme.css
friends.in.ua/templates/StopFilm/css/ 2 KB
2 KB 161ms
155ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/slick-theme.css?v=1.0.7

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 08 Mar 2019 22:46:03 GMT
server: nginx/1.16.1
etag: "5c82f0ab-617"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1559
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 new_header.css
friends.in.ua/templates/StopFilm/css/ 9 KB
9 KB 161ms
156ms Stylesheet
text/css 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/css/new_header.css?v=1.0.1

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 03 Nov 2020 15:31:45 GMT
server: nginx/1.16.1
etag: "5fa177e1-23c1"
content-type: text/css
cache-control: max-age=864000
accept-ranges: bytes
content-length: 9153
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 195ms
68ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 03:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 03:06:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 03:06:13 GMT

GET
H2 200 scripts.js Show response
friends.in.ua/templates/StopFilm/js/ 36 KB
36 KB 161ms
156ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/scripts.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-8e69"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 36457
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 modernizr.js Show response
friends.in.ua/templates/StopFilm/js/ 10 KB
10 KB 161ms
156ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/modernizr.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-2663"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 9827
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 ads.js Show response
friends.in.ua/templates/StopFilm/js/ 17 B
235 B 161ms
157ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/ads.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:38:13 GMT
server: nginx/1.16.1
etag: "5acd3cd5-11"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 17
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 libs.js Show response
friends.in.ua/templates/StopFilm/js/ 3 KB
3 KB 162ms
157ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/libs.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 18:04:24 GMT
server: nginx/1.16.1
etag: "5cdda628-b99"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2969
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 share42.js Show response
friends.in.ua/photos/share/ 3 KB
3 KB 163ms
158ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/photos/share/share42.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 28 Jul 2018 11:46:07 GMT
server: nginx/1.16.1
etag: "5b5c577f-b4c"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2892
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 174ms
54ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:03:38 GMT
x-content-type-options: nosniff
age: 155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 03:03:38 GMT

GET
H2 200 slick.min.js Show response
friends.in.ua/templates/StopFilm/js/ 42 KB
42 KB 163ms
159ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/slick.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 22 Dec 2018 17:00:11 GMT
server: nginx/1.16.1
etag: "5c1e6d9b-a76f"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 42863
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 header.js Show response
friends.in.ua/templates/StopFilm/js/ 2 KB
2 KB 163ms
159ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/header.js?v=1.0.2

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 09 Aug 2019 17:29:30 GMT
server: nginx/1.16.1
etag: "5d4dad7a-7f5"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2037
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 video_switches.js Show response
friends.in.ua/templates/StopFilm/js/ 1 KB
1 KB 163ms
160ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/video_switches.js?v=1.0.6

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 18 Apr 2019 23:47:53 GMT
server: nginx/1.16.1
etag: "5cb90ca9-4b3"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1203
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 jquery.video.js Show response
friends.in.ua/js/ 925 B
1 KB 164ms
160ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/js/jquery.video.js?v=2.0.7

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:42:44 GMT
server: nginx/1.16.1
etag: "5acd3de4-39d"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 925
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 logo1.png
friends.in.ua/templates/StopFilm/images/ 10 KB
11 KB 101ms
92ms Image
image/png 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/templates/StopFilm/images/logo1.png

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 07 Jul 2019 14:02:55 GMT
server: nginx/1.16.1
etag: "5d21fb8f-299c"
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 10652
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H/1.1 200
OK lib.js Show response
franecki.net/js/ 37 KB
12 KB 271ms
56ms Script
text/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/js/lib.js?no_dmp=1

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: close
Expires: 0

GET
H/1.1 200
OK lib.js Show response
franecki.net/js/ 38 KB
12 KB 271ms
57ms Script
text/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/js/lib.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

be7fc75536eff1afeafe89c471e191c21cf4520180a0602be2255d95fec1d79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: close
Expires: 0

GET
H2 200 serial-druzi.jpg
friends.in.ua/photos/films/ 77 KB
78 KB 103ms
95ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/films/serial-druzi.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 15 Apr 2019 22:33:58 GMT
server: nginx/1.16.1
etag: "5cb506d6-13533"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 79155
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 charmed.jpg
friends.in.ua/posters/ 26 KB
27 KB 105ms
97ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/charmed.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 18 May 2019 16:00:51 GMT
server: nginx/1.16.1
etag: "5ce02c33-69d1"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 27089
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 domogospodarky.jpg
friends.in.ua/posters/ 28 KB
28 KB 108ms
100ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/domogospodarky.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 21:40:32 GMT
server: nginx/1.16.1
etag: "5cddd8d0-70da"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 28890
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 pokoyivky.jpg
friends.in.ua/photos/pokoyivky/ 141 KB
141 KB 112ms
104ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/pokoyivky/pokoyivky.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 09 Feb 2022 09:50:32 GMT
server: nginx/1.16.1
etag: "62038e68-23273"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 143987
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 seks-i-misto.jpg
friends.in.ua/posters/ 49 KB
49 KB 154ms
146ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/seks-i-misto.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 13 Jun 2019 20:59:48 GMT
server: nginx/1.16.1
etag: "5d02b944-c438"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 50232
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 roksolana.jpg
friends.in.ua/posters/ 64 KB
65 KB 158ms
151ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/roksolana.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 07 Aug 2019 11:23:02 GMT
server: nginx/1.16.1
etag: "5d4ab496-1019b"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 65947
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 ErkenciKus.jpg
friends.in.ua/photos/ErkenciKus/ 57 KB
57 KB 158ms
151ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/ErkenciKus/ErkenciKus.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 29 Jan 2022 20:59:25 GMT
server: nginx/1.16.1
etag: "61f5aaad-e276"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 57974
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 IstanbulluGelin.jpg
friends.in.ua/photos/IstanbulluGelin/ 55 KB
56 KB 159ms
152ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/photos/IstanbulluGelin/IstanbulluGelin.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 26 Nov 2021 09:34:08 GMT
server: nginx/1.16.1
etag: "61a0aa10-dd71"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 56689
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 vandavizhen.jpg
friends.in.ua/posters/ 82 KB
83 KB 160ms
153ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/vandavizhen.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 27 Feb 2021 13:15:04 GMT
server: nginx/1.16.1
etag: "603a45d8-149c4"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 84420
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 mandalorec.jpg
friends.in.ua/posters/ 71 KB
71 KB 179ms
172ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/mandalorec.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 06 Nov 2020 19:17:18 GMT
server: nginx/1.16.1
etag: "5fa5a13e-11ca9"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 72873
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 office.jpg
friends.in.ua/posters/ 64 KB
64 KB 183ms
176ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/office.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 22 Jun 2020 13:53:11 GMT
server: nginx/1.16.1
etag: "5ef0b7c7-fe2a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 65066
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 la-casa-de-papel.jpg
friends.in.ua/posters/ 84 KB
84 KB 189ms
183ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/la-casa-de-papel.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 06 Sep 2021 19:29:55 GMT
server: nginx/1.16.1
etag: "61366c33-14e6a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 85610
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 vidmak.jpg
friends.in.ua/posters/ 68 KB
68 KB 190ms
184ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/vidmak.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 27 Dec 2019 02:18:08 GMT
server: nginx/1.16.1
etag: "5e0569e0-10e4a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 69194
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 baffi.jpg
friends.in.ua/posters/ 61 KB
61 KB 191ms
185ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/baffi.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 09 Mar 2020 14:44:01 GMT
server: nginx/1.16.1
etag: "5e665631-f28f"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 62095
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 big-bang.jpg
friends.in.ua/posters/ 69 KB
70 KB 194ms
188ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/big-bang.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 23 Jul 2019 15:21:03 GMT
server: nginx/1.16.1
etag: "5d3725df-11543"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 70979
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 sheldon.jpg
friends.in.ua/posters/ 45 KB
45 KB 200ms
194ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/sheldon.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 06 Aug 2019 14:10:15 GMT
server: nginx/1.16.1
etag: "5d498a47-b347"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 45895
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 novobranec.jpg
friends.in.ua/posters/ 47 KB
47 KB 201ms
195ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/novobranec.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 20 Nov 2019 20:16:55 GMT
server: nginx/1.16.1
etag: "5dd59f37-bc29"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 48169
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 met-mother.jpg
friends.in.ua/posters/ 56 KB
56 KB 201ms
196ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/met-mother.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 06 Aug 2019 19:03:02 GMT
server: nginx/1.16.1
etag: "5d49cee6-e08a"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 57482
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 alf.jpg
friends.in.ua/posters/alf/ 58 KB
59 KB 202ms
196ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/alf/alf.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 16 Sep 2019 21:48:34 GMT
server: nginx/1.16.1
etag: "5d800332-e9cb"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 59851
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 joey.jpg
friends.in.ua/posters/ 47 KB
47 KB 202ms
197ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/joey.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 11 Aug 2019 15:35:16 GMT
server: nginx/1.16.1
etag: "5d5035b4-bb7c"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 47996
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 ncis.jpg
friends.in.ua/posters/ 68 KB
68 KB 202ms
197ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/ncis.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 14 Aug 2019 22:12:20 GMT
server: nginx/1.16.1
etag: "5d548744-10fae"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 69550
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 dyvni-dyva.jpg
friends.in.ua/posters/ 53 KB
54 KB 202ms
198ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/dyvni-dyva.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sat, 06 Jul 2019 22:49:34 GMT
server: nginx/1.16.1
etag: "5d21257e-d53b"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 54587
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 doktor-haus.jpg
friends.in.ua/posters/ 52 KB
52 KB 203ms
199ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/doktor-haus.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Mon, 17 Jun 2019 15:06:56 GMT
server: nginx/1.16.1
etag: "5d07ac90-d009"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 53257
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 rozcharuvannya.jpg
friends.in.ua/posters/ 41 KB
42 KB 204ms
200ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/rozcharuvannya.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Thu, 16 May 2019 21:43:08 GMT
server: nginx/1.16.1
etag: "5cddd96c-a50d"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 42253
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 policiya-paradayz.jpg
friends.in.ua/posters/ 34 KB
35 KB 207ms
203ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/posters/policiya-paradayz.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 19 May 2019 19:05:17 GMT
server: nginx/1.16.1
etag: "5ce1a8ed-8991"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 35217
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 jquery.cookie.js Show response
friends.in.ua/js/ 3 KB
3 KB 57ms
56ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/js/jquery.cookie.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Fri, 11 Aug 2017 11:22:09 GMT
server: nginx/1.16.1
etag: "598d9361-c31"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3121
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 share.js Show response
friends.in.ua/templates/StopFilm/js/ 3 KB
3 KB 63ms
55ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/share.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-c98"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 3224
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 311ms
95ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a35d3d9cee3477f8fd80add926065d2141d82dcc4a8155bbb55970023c21ce50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48938
x-xss-protection: 0
server: cafe
etag: 11192186526541975340
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 03:06:13 GMT

GET
H2 200 pushy.min.js Show response
friends.in.ua/templates/StopFilm/js/ 2 KB
2 KB 78ms
69ms Script
application/javascript 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/js/pushy.min.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "594681cd-7d2"
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 2002
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 thesimpsons.jpg
friends.in.ua/templates/StopFilm/images/ 30 KB
30 KB 57ms
56ms Image
image/jpeg 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/templates/StopFilm/images/thesimpsons.jpg

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/templates/StopFilm/css/style.css?v=1.1.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:13 GMT
strict-transport-security: max-age=31536000;
last-modified: Wed, 21 Jun 2017 10:09:06 GMT
server: nginx/1.16.1
etag: "594a45c2-78aa"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 30890
expires: Mon, 12 Dec 2022 03:06:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 270ms
59ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-60815340-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 01:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6090
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 03:24:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 271ms
60ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

701c28ef325fdff27112c37449bc456998da9ea1b1020cf980872bac5b5ff6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:06:13 GMT
content-md5: MZ//T8J7daRcfsybI2CpZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: WjiAxWK3MdWq9JcJwE3KbAJBe+/hjovmZLjxjvgxH7lsLXf0Hz56ttfP0mK5WlWZ5fcBkYwRbGhZiE1n9CDomA==
x-fb-trip-id: 917726464
x-fb-content-md5: e00c78a7c2ad8afc9162c5417a9dea97
cross-origin-opener-policy: same-origin-allow-popups
etag: "331121c8e8b4c3e5a30a0a568a1964fc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 03:07:22 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2
fonts.gstatic.com/s/oswald/v49/ 6 KB
6 KB 264ms
64ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUJiZTaR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:19:35 GMT
x-content-type-options: nosniff
age: 553598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5856
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 17:19:35 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 267ms
71ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Oswald:700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 21:10:00 GMT
x-content-type-options: nosniff
age: 280573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:10:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 301 KB
85 KB 119ms
58ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=fd7399375eee7f6019d7115553185ec0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ae00a39afaf598a6448c8ace5d2fe1a55ba6ee259dd103ce7f95992b0bc0db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://friends.in.ua/
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 03:06:14 GMT
content-md5: zYCaCAF0iPJUpQhfooSEiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87130
x-fb-rlafr: 0
x-fb-debug: uSW3NEpPWvYChB6caObf0JY2h59dhXHelP9lO/jNuw7S2kLIkFryOvA+xxjX6yXsa7rlNfS4BevPDwoNU9GY3Q==
x-fb-content-md5: 3d2751b366ee533a1979e4dc389ae88e
cross-origin-opener-policy: same-origin-allow-popups
etag: "5218977c891dbe6ec5026055d03563f2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 01 Dec 2023 22:03:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 64ms
64ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=246870196&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2118763760&gjid=691657395&cid=1554725003.1669950374&tid=UA-60815340-5&_gid=134330287.1669950374&_r=1&gtm=2oubu0&z=971231618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 64ms
63ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=246870196&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1646521047&gjid=707397294&cid=1554725003.1669950374&tid=UA-60815340-5&_gid=134330287.1669950374&_r=1&_slc=1&z=1144210367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame ED6B 10 KB
5 KB 173ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 36309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 17:01:05 GMT
etag: 10353107486223812946
expires: Thu, 15 Dec 2022 17:01:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

HEAD ping
test.takedwn.ws/ 0
0

GET
H/1.1 200
OK player
stats.myangular.life/ 0
187 B 200ms
61ms Image
text/plain 138.201.204.111
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.myangular.life/player?hit=script&sub=actualize&host=friends.in.ua
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.204.111 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.111.204.201.138.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Dec 2022 03:06:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 229ms
112ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 3264732809814186503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Dec 2022 03:06:14 GMT

GET
H/1.1 200
OK / Show response
aurabom.ru/player/ 126 KB
39 KB 374ms
118ms Script
text/javascript 212.224.112.249
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/player/
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-2.fornex.org
Software: nginx /
Resource Hash: 0ab672e8803f3066115faa22fd7df03f0f235e0276d7e0d220c71516170de8fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"1f73f-+MEEd69w2xzbUMhzer21KA"
Vary: Accept-Encoding
Transfer-Encoding: chunked
X-Hostname: dsde382.rotator.viboom.com
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK humanitarian-five.js Show response
franecki.net/js/ 43 KB
13 KB 147ms
50ms Script
application/javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://franecki.net/js/humanitarian-five.js?no_dmp=1
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Oct 2022 10:49:31 GMT
Server: openresty
ETag: W/"63396cbb-ad30"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: close

GET
H/1.1 200
OK 0cebdb31bcc8cbf9d7da8a95e22b5982.js Show response
franecki.net/assets/pack/ 0
606 B 164ms
65ms Script
text/plain 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/0cebdb31bcc8cbf9d7da8a95e22b5982.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 4.66
Server: openresty
Transfer-Encoding: chunked
x-adwsegments: {"r:100842:iprange:1":1}
access-control-allow-credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK b884872a195939d21d07f1384cc7928d.js Show response
franecki.net/assets/pack/ 0
676 B 163ms
64ms Script
text/plain 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/b884872a195939d21d07f1384cc7928d.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 2.25
Server: openresty
Transfer-Encoding: chunked
x-adwsegments: {"r:100842:iprange:1":1}
access-control-allow-credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 67b798e50a15eca78568eeb621e83c3f.js Show response
franecki.net/assets/pack/ 2 KB
2 KB 164ms
66ms Script
application/x-javascript 89.149.200.234
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://franecki.net/assets/pack/67b798e50a15eca78568eeb621e83c3f.js?1&ct=na&webp=1&sw=1600&sh=1200&ww=1600&wh=1200&fp=42a0872bef3364e3484ecd91a6996b1e&libjs=1&dc_rid=

Requested by

Host: franecki.net
URL: https://franecki.net/js/lib.js?no_dmp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

89.149.200.234 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

openresty /

Resource Hash

a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:14 GMT
Strict-Transport-Security: max-age=86400; includeSubDomains; preload
Content-Encoding: gzip
x-render-time: 9.01
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
x-adwsegments: {"r:100842:iprange:1":1}
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
Connection: close
Access-Control-Allow-Headers: *
x-cid: 33246
Expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 test-ad.php Show response
friends.in.ua/ 4 B
131 B 60ms
59ms XHR
text/html 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/test-ad.php?adsize=981&adnet=120x600&adspace=adslot

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept: */*
Referer: https://friends.in.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
strict-transport-security: max-age=31536000;
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8

GET
H2 200 adv.png
friends.in.ua/ 544 B
754 B 57ms
57ms Image
image/png 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://friends.in.ua/adv.png?adsize=981&adnet=120x600&adspace=adslot

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
strict-transport-security: max-age=31536000;
last-modified: Tue, 10 Apr 2018 22:08:58 GMT
server: nginx/1.16.1
etag: "5acd35fa-220"
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 544
expires: Mon, 12 Dec 2022 03:06:14 GMT

GET
H/1.1 200
OK azure_rus.gif
www.megastock.ru/doc/88x31_user/ 2 KB
2 KB 470ms
95ms Image
image/gif 91.227.52.186
ASCOM4S

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.megastock.ru/doc/88x31_user/azure_rus.gif

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.227.52.186 , Russian Federation, ASN56806 (ASCOM4S, RU),

Reverse DNS

Software

openresty / ASP.NET

Resource Hash

1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Last-Modified: Thu, 07 Nov 2013 09:45:35 GMT
Server: openresty
ETag: "1d4ce71b9edbce1:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2183

GET
H2 200 fontawesome-webfont.woff
friends.in.ua/templates/StopFilm/fonts/ 64 KB
64 KB 58ms
57ms Font
application/font-woff 91.240.20.7
WIBO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://friends.in.ua/templates/StopFilm/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/templates/StopFilm/css/font-awesome.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.240.20.7 , Lithuania, ASN59939 (WIBO-AS, LT),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://friends.in.ua/templates/StopFilm/css/font-awesome.css
Origin: https://friends.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
strict-transport-security: max-age=31536000;
last-modified: Sun, 18 Jun 2017 13:36:13 GMT
server: nginx/1.16.1
etag: "ffac-5523c1a1a4d40"
content-type: application/font-woff
accept-ranges: bytes
content-length: 65452

GET
H2 200 t.js Show response
sholke.com/ Frame 657F 54 KB
15 KB 206ms
66ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
date: Thu, 01 Dec 2022 16:28:54 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 38241
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: G-XV4kkOGCc9fLURk_8bKZX0fsNHImrn46xN298Me4Vv4JBMZMPo5g==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
468 B 77ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=friends.in.ua&callback=_gfp_s_&client=ca-pub-1034840951493578&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1034840951493578&plah=friends.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa11e5637a791ad848dc897de7de1bb1304446fd3c1514003fa0e9819119117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 198ms
63ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friends.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 206ms
67ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BEAC 603 B
68 B 197ms
79ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1034840951493578&output=html&adk=1812271804&adf=3025194257&lmt=1669950374&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ffriends.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669950374280&bpp=3&bdt=1175&idt=381&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=356820679093&frm=20&pv=2&ga_vid=1554725003.1669950374&ga_sid=1669950375&ga_hid=246870196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44773613%2C44770880%2C21066430&oid=2&pvsid=269038751741260&tmod=1396620792&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=414

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:14 GMT
expires: Fri, 02 Dec 2022 03:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 t6vjtkugvap61lmhzkwwc.json Show response
sholke.com/c/ Frame 657F 1 KB
2 KB 177ms
59ms Fetch
application/octet-stream 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/c/t6vjtkugvap61lmhzkwwc.json
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: pVkEGPVSKVwkyogRewqUk3pqmAvdsx25
date: Thu, 01 Dec 2022 16:40:11 GMT
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 37564
x-cache: Hit from cloudfront
content-length: 1358
last-modified: Thu, 10 Nov 2022 10:46:38 GMT
server: AmazonS3
etag: "9a54f2d2288abe8c26895e080138964a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 3r93LyTbjxUlsRiUEPXFEg0lTZJRi_sCVmiwpw01pckysglqyNA07w==

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
57 KB 408ms
193ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: aurabom.ru
URL: https://aurabom.ru/player/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-e14c"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57676
expires: Fri, 02 Dec 2022 04:06:14 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 195ms
75ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa

Requested by

Host: aurabom.ru
URL: https://aurabom.ru/player/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c871245ef87d9515da7c1ee988827607b7f38acfeddc6af0a6f7799ee187eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 03:06:14 GMT

GET
H/1.1 200
OK video.css
aurabom.ru/ 26 KB
6 KB 62ms
61ms Stylesheet
text/css 212.224.112.249
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/video.css
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-2.fornex.org
Software: nginx /
Resource Hash: 892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"688f-KJGOmg0i5xsU4jAsDLZ+fw"
Vary: Accept-Encoding
Transfer-Encoding: chunked
X-Hostname: dsde382.rotator.viboom.com
Content-Type: text/css; charset=utf-8
Connection: keep-alive

GET
H2

200

pixel.js Show response
x01.aidata.io/
Redirect Chain

https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734
https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734&pid=VIBOOM&js=1&show_js_referer=1&bounce=1

1 KB
1 KB

96ms
92ms

Script
application/javascript

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: fbf57c32e5ca6f599320b99c079cbf1a33a5d0eecccb14be414e46d7f8792df8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 03:06:14 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 02 Dec 2022 03:06:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:14 GMT
last-modified: Fri, 02 Dec 2022 03:06:13 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734&pid=VIBOOM&js=1&show_js_referer=1&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 02 Dec 2022 03:06:13 GMT

GET
H/1.1 200
OK / Show response
aurabom.ru/video/get/ 202 B
715 B 202ms
140ms Script
text/javascript 212.224.112.249
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://aurabom.ru/video/get/?platformId=101909&format=3&overrollType=embeded&sig=31aeb6078a58f6d2&data=%7B%22shown%22%3A%5B%5D%2C%22errors%22%3A%5B%5D%2C%22dimentions%22%3A%7B%7D%2C%22referer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22origReferer%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22location%22%3A%22https%3A%2F%2Ffriends.in.ua%2F%22%2C%22n%22%3A0%2C%22lang%22%3A%22en-US%22%2C%22title%22%3A%22%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS%22%7D&vbmuid=9a55578d4f950aacbea7b1d918835f8a
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.112.249 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde377-2.fornex.org
Software: nginx /
Resource Hash: 8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:14 GMT
Server: nginx
ETag: W/"ca-2ZN5lu9UKj1bfipcdO3KEw"
Rotator-message: video: no campaignAccess, code: -11, msg: undefined, format: 3, platformId: 101909, rtrCampaignId: false
X-Hostname: dsde382.rotator.viboom.com
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 202

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D051 80 KB
27 KB 260ms
78ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1eb7cf0cd5ad4c0546c148673cae8fd4a1bbb2c210893a975cf43e387d33867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27419
x-xss-protection: 0
server: sffe
etag: "1409 / 9 of 1000 / last-modified: 1669935944"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Dec 2022 03:06:15 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame D051 424 KB
122 KB 192ms
60ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIV1PYAfMoZG6e2DG8dzxFEzJOFE4uHXD1ODG9aHmS3Ei8BWD7X009Dx%2Fo6etE5Qhe%2Blb3CEJt6JhrRJ%2Bt8GJh2kYiJrDo8j6SwAFBd85IblUHxbkRqrCCtKsZDfeOFk4cZyHRpGJXoLHYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d87469b37437-LHR

GET
H2 200 p.html Show response
sholke.com/r/ Frame 521B 10 KB
2 KB 63ms
58ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=sypmjzam&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38244
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: RCa7Bcowx_vsvQGxBhEETKAuSo-gY95X5UHzyb_5EnbcGWNYjkVXdA==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 7233 10 KB
2 KB 59ms
58ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=kuriin&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38244
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: NucuhMm4GzzC51PFLHyRtIx56BBy_hfB9cWXErvLCg0OoRxecrCQkg==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame FB7F 10 KB
2 KB 57ms
57ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=zxkwnuxhs&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: 3nkvEkKS653GRaDGVzuZmeKV_5qtXhNWMPF-kPNQ5yDHwI14ILDSqQ==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 86A1 10 KB
2 KB 58ms
57ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=betquu&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: Uql8amm1019TK97o_8IsleIEpAP265hEZfVAB5SkCCwfeHEqxrlEAg==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 041E 10 KB
2 KB 58ms
58ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=xrwaiqgo&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: ZMXDt1dPx-AL3JbW2FcriSKdtEkm-o_cQbdQQae2NmGFck5qqL8_yA==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame C812 10 KB
2 KB 59ms
58ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=eimtsc&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: gWkUGpikopSACj6s2ca5AJOMdZZewXlDaLVpT-mXJWviLucq_VTm4A==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame C1D7 10 KB
2 KB 63ms
62ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=ylraow&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: IxaQbC-YAvlBmeKtBbA3CH4-_ri8qkPhJdxo2q609kZwK-xix7MMpQ==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 5865 10 KB
2 KB 60ms
60ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=nnibtkoy&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: Y9t31D1-ghF0tCHXXOlETYP76S84xwu_ksHLl9HLvT_9HZXyqJ5jcQ==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 3B3E 10 KB
2 KB 65ms
65ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=vygrucsc&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: UOBihs2O7w-tX_sMkEupS9gzSvLtBnFrmpeIoD2sPJ7JHkp4ZdXjMw==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame DA6F 10 KB
2 KB 60ms
59ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=efvmujmla&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: PwFtkUoQA8z76ujwjts9wZtYe-NsR4yoW9FiDsrUAQa0mUHrUYrVbA==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 178D 10 KB
2 KB 61ms
57ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=mtpwcn&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: l1BnEm9kO6ruqk9GVLGNEW42Hw0kGmGIlJVnd66MrRwhUPfohsIuDg==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame EA57 10 KB
2 KB 63ms
62ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=xlgcilhn&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: aVPBAk_nLTgiiiyngsmUxG1JsTI6li17GSvhPZ0rW-LR2TkVnMDeHg==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 3730 10 KB
2 KB 66ms
65ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=qyeavrze&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: r0Uj9DFHWksNdxiOOrYa8pd1xyJEh0s4NkV52ZEaEoOQYl0W24gxwg==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
sholke.com/r/ Frame 1092 10 KB
2 KB 64ms
60ms Document
text/html 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sholke.com/r/p.html?f=ehxbikzj&e=1965574524929
Requested by: Host: sholke.com
URL: https://sholke.com/t.js?i=t6vjtkugvap61lmhzkwwc&cb=3677731669950374465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-83.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 38245
content-encoding: br
content-type: text/html
date: Thu, 01 Dec 2022 16:28:51 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-id: 1Tq5qE3Emso_cjN3ggiFACOgcF14XfBXs_zGnvTR_bEUCjcgEWKrKw==
x-amz-cf-pop: FRA56-P7
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK b Show response
mxtads.com/6238012052/ 23 KB
6 KB 184ms
63ms Script
application/javascript 213.196.39.165
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://mxtads.com/6238012052/b
Requested by: Host: aurabom.ru
URL: https://aurabom.ru/player/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.196.39.165 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9f98178c172ee2c1b0a3f4c38d2b1e2bd51ea772fcdaf16c23bf5556183fd030

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: private
Date: Fri, 02 Dec 2022 03:06:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Dec 2022 03:06:15 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=0
Connection: close
Expires: Fri, 02 Dec 2022 03:06:15 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 65ms
64ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=246870196&t=pageview&_s=1&dl=https%3A%2F%2Ffriends.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1409395793&gjid=293176825&cid=1554725003.1669950374&tid=UA-57015589-1&_gid=134330287.1669950374&_r=1&gtm=2oubu0&z=421757094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57015589-1&l=viboomGa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 01:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6092
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 03:24:43 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9839.JNYqRkw0yZdvv8wfGOaOj3SLf3K-YwTfgOknnjoYra57TYueEYkXTSbo_0T0wszQ.gvjypjt8WQpbHsaFMMtvAAB4uqQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9839.7ikry0vRFE5rJIa5MWT26PYjy9YGZm_vnvS5smskfJkJSKirrPQBwq6R4ajc_-3qJy22jxG6MzvLMDIxp_EZRdbyldvVYfjsRq9lTVxdhOc%2C.9bgfeftB3fdppcT00XOGTeubTZo%2C

75 B
75 B

114ms
113ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9839.7ikry0vRFE5rJIa5MWT26PYjy9YGZm_vnvS5smskfJkJSKirrPQBwq6R4ajc_-3qJy22jxG6MzvLMDIxp_EZRdbyldvVYfjsRq9lTVxdhOc%2C.9bgfeftB3fdppcT00XOGTeubTZo%2C

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9839.7ikry0vRFE5rJIa5MWT26PYjy9YGZm_vnvS5smskfJkJSKirrPQBwq6R4ajc_-3qJy22jxG6MzvLMDIxp_EZRdbyldvVYfjsRq9lTVxdhOc%2C.9bgfeftB3fdppcT00XOGTeubTZo%2C
date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H2 200 pixel.js Show response
x01.aidata.io/ 21 KB
5 KB 92ms
92ms Script
application/javascript 89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950375400&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=
Requested by: Host: x01.aidata.io
URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&v=1669950374734
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: 99fa1a22eb84b8ab59977b633e35e1b88a5655b4085a92101b7c437a86106631

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 03:06:14 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 02 Dec 2022 03:06:14 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D051 381 KB
129 KB 173ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 02 Dec 2023 03:01:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame D051 73 B
83 B 183ms
64ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59
x-xss-protection: 0
expires: Fri, 02 Dec 2022 03:06:15 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 521B 424 KB
122 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=sypmjzam&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkxHJ1nhP%2BO3Kjw7zg%2FpUKyf7W9X71mwpxTdHY4M4Rz6h%2BTY2za8g3M8DDbHHJllDyIEmLAm5M6ei7a28bxaEXWL1rvmNg1mVphlogx1yeBZBfvy%2BGqBwaMNoNKIJbZK8SiIFAS9mPGqwu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8768b467437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7233 424 KB
122 KB 62ms
61ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=kuriin&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxSy8pq41nCJFRAgoI%2BBjHIF%2BbobvWnzWDdciqfYQN%2BFbQJkWJIDaU8wEG%2BGQnyvveytHfBjGcht4Qho%2F2U8N2lb%2FW%2B%2BSvwJYTrW5KL%2FraxTvYKJ9fqEJIc%2FebC1Q7DgYq046CBT4AA2GX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d876cb777437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame FB7F 424 KB
122 KB 73ms
73ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=zxkwnuxhs&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkVN5wV%2FULhQ64XatfQRwdTpzCvZ09KIf%2B8ud3YNWObaIeKRvP1dMaLZGwfGIyVZnsMoTHZBlKWZugE6A1cfkRH2Vg8BqnAthYiQc8xZkF5kVEo1e8dmEL%2BzIu%2FX%2BLRPa8U%2F7UcrbolH%2Fok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d876eb8a7437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 86A1 424 KB
122 KB 77ms
74ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=betquu&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiuTxGpetIXlj6tqWijodVdMHTgfpbHLIJU02PU%2BJabHBagVpc9RYsaRX%2FLhXStB6NNLLpCNz9VfMVHTrWoG58vONYtySgoO4hhx8QCqPm6JB7OO8sdwCeik44YMFcAzioT9umlsulpz%2F4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8770ba37437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 041E 424 KB
122 KB 71ms
71ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=xrwaiqgo&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnxYxObLtvoocwngSh2lYQSuFlDJMOfiPUS84eW1ptFLUG9oEGJfNptkRGmj3%2FiUBh5OSrbg4nfNrahr4NooAKRfNhAIG3m0PKcXqswySXj64PFN%2F99W3E6au1Chaz7LOR%2FahW4QqBfiI4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8770bac7437-LHR

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 99ms
98ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 02 Dec 2022 04:06:15 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C812 424 KB
122 KB 70ms
70ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=eimtsc&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QDISObDsBGlvtaVx%2FWdiaT%2Bq85m5giDrovgN3lyVIVtNdY210vwfALQdSD1evaHdqmEfRIDJUffww1lf2ut2eEeH833PvHAbtrrEk49Ujm3oBqLVCIq7YV%2FZVTr%2FIsZQOLIW84c8ye7Wd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8772bbf7437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C1D7 424 KB
122 KB 76ms
75ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=ylraow&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnBC77BAQ87ivFI3e%2B9mb%2FWamd7v9n0RDW4W8DGtAYfwprqAd5HM4aMPlpHvsksL8d0UQ%2BUHuS%2FlNBufjuLAWAfkH99ThhjapbQU4HlHcU%2BZoxFdoenXoaWMu5UQ216AbH9Jiw4%2BAUMh8PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8774bd77437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 5865 424 KB
122 KB 69ms
68ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=nnibtkoy&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5MazmgVJSw4CxNlGCBHfujsX6qzL%2FzuoMj50CHv8T%2FUPLjJp0E9vUD56GlTDe9pOpyx1YWVE9WHrKtMbJTlV47cL9LSewCmI%2F%2F13QvQDeZh23smGslVHB23eBSWjQTG8e1VuFFyHIJsJR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8775be07437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3B3E 424 KB
122 KB 67ms
66ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=vygrucsc&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp9CoygrAZxC%2FCLQi8CELq1GL8cMmTmqX3RxY7wMEaeD7zxjYNfPJOh4ggP7rPyNymEB2B6iBN0UTcyYInpnfHoRgfxVyeTCz5emYabsRHdGgOgmJ%2FhHH%2BLaDqJ8txJoqyqynDQkN03qp6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8776bf17437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame DA6F 424 KB
122 KB 68ms
67ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=efvmujmla&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ik94mlwGttUOVNn2LLd2NLSZf%2BYTSZV0PZBup1ry0zcJoe6ljS%2FApq8UdHac%2BQKnoqwvFyqwDZYhLbANp1POtn%2BlSOGghvjhhMvJzOEyuOlzwkT4LsIRW9q%2BGlIYd87KRJiBdW0jTz9RyMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8777bfd7437-LHR

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D051 171 B
555 B 293ms
126ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D051 144 B
1 KB 274ms
111ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a9f6b15742c22af02f9aa660127b7c551aa7b00682c2e1464ef60c64e8771d5d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:15 GMT
AN-X-Request-Uuid: b0aa00db-0ac1-4163-bd80-0ddb0a79177b
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://friends.in.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame D051 0
230 B 231ms
69ms XHR
text/html 157.90.0.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.0.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D051 0
215 B 194ms
38ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=68649586851&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://friends.in.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D051 171 B
555 B 277ms
122ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame D051 0
176 B 184ms
51ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://friends.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://friends.in.ua
date: Fri, 02 Dec 2022 03:06:15 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 178D 424 KB
122 KB 61ms
58ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=mtpwcn&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrQ3S%2BsfIzI0LLIusZ2ZPKePqdaBvjKoFQHM05m1uKijomgBfrlx43pvaxO6%2B3nIZb1inducuQV3z8qbWfrIjJI6I72LB1oPzMiQhAwXE5C4o1S0zf2yAc9DNJdtXLQdvoex8ZP0rtXORWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d877cc357437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EA57 424 KB
122 KB 62ms
61ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=xlgcilhn&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC5MbDonmTDxIniim6mbgSpDseFe02%2BGFYFyA7GMvoKpecKBZ3pfjYPP6E47B22r9MNhuBhueSMqUoiW9qAGCvqdA9pftgBdiO2gGKtcBV4JuIy5cUglf50f3M%2Fffzp8Nk4L%2FNb4FEPHtaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d877ec457437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3730 424 KB
122 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=qyeavrze&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEqosQfiuEmbMBUXIG2PIris3FvfBOxKEEQee6X0jqAXyM2Xdxds1FhwroMYuEdN8u9d5WkJ7WFvEP1uqnc6jXHYVcgdc1n%2BMoW7Ptmy6Kx602v%2BLA0FvHMuSfOaFHCvDkuxt4ys7CCvZkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d877fc547437-LHR

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1092 424 KB
122 KB 72ms
72ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=ehxbikzj&e=1965574524929
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9MZY5MEME9HQ03TB
age: 5709
x-amz-id-2: 7UaKPEOtaaWlvvNTv60CvTty3ogvPNx17K6si9DVANy0nVLYxhE/ONPivjmbG6n78LtZ4+elowc=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBZQe%2BYt2heovVXdAmyC1tn6GEKwQl05QDZ%2BIGcNiG%2BUriE%2FCgQDY1XcGQJVaxNpr7soqYUBIYniA3D8H1JAGwdWw1alGro%2F0liA2Aheshlv%2BEPZfDAm24k%2B07yrkiIxe0erMi48XlKUSOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7730d8781c627437-LHR

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 521B 171 B
552 B 128ms
128ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 521B 0
172 B 51ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 521B 0
211 B 57ms
56ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=13776643385&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 521B 19 KB
5 KB 139ms
139ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: f252dbd82ab06b1186225d8814613c9d34c7d2d22c435034c35a0b9b5f274e40

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 521B 16 KB
7 KB 131ms
126ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2971bae205271275280c9a2a71dcd2cb604459ed6a9104b5df9bf400da564533

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2bb90cdb-7246-49c0-b0f1-bb7ca8d8360d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D051 107 B
122 B 179ms
69ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D051 107 B
122 B 206ms
74ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friends.in.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D051 587 B
345 B 98ms
97ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3477844337653359&correlator=1035097793550991&eid=31069126%2C31068366&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21671350435%3A22643588514%2C300x600-friends.in.ua&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=651839845&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D83058ef49f46dcc0-22fd419257b400aa%3AT%3D1669950374%3ART%3D1669950374%3AS%3DALNI_MZ6siQP5FEwI5JeE1PZ5Z2_7MZOTA&gpic=UID%3D00000b8b5ac5fb55%3AT%3D1669950374%3ART%3D1669950374%3AS%3DALNI_MbxJSZ3jy7MqHMtT8EM71NmDmLQig&abxe=1&dt=1669950376252&lmt=1669950376&dlt=1669950374944&idt=996&adxs=1115&adys=100&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=siww149xyhrl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Ffriends.in.ua%2F&ref=https%3A%2F%2Ffriends.in.ua%2F&top=https%3A%2F%2Ffriends.in.ua%2F&frm=23&vis=1&psz=300x600&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1554725003.1669950374&ga_sid=1669950376&ga_hid=2138546646&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa0a971b176457437c61793137feed7b69111a113edb6fdbd48f27426c59a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://friends.in.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D051 14 KB
11 KB 223ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec2647bc2820df7d8d20d1b41c2e28654947a92bf62d1d747284a0ad315b6580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11115
x-xss-protection: 0

GET
H2 200 container.html Show response
f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 721F 6 KB
3 KB 232ms
62ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:16 GMT
expires: Sat, 02 Dec 2023 03:06:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7233 0
211 B 66ms
65ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=67607342726&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7233 0
172 B 60ms
60ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7233 21 KB
6 KB 139ms
139ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: b1cfd3919b372790a78351ed88e8df02e241d2b8028f70ff7db4419f7dfad30f

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7233 171 B
552 B 120ms
119ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7233 14 KB
6 KB 132ms
132ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

af38edd2b55598c29544e9fb87533f8e7881f1a1c3a6645564941689a97dcb09

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 52987e10-550b-48d0-92e9-4708e51e3967
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 86A1 14 KB
7 KB 222ms
151ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1bd63a8052943e4648444083f347b8fa9454ed2cb907ff0f530b6c4b5de429df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 772297f3-993c-4852-9dd0-19003273eede
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 86A1 0
211 B 65ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=41544003879&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 86A1 19 KB
5 KB 163ms
139ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: c0b815b24999b9247906f92aab02a04b01e4b75fe75440c6466442a2db6f20e7

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 86A1 19 KB
5 KB 185ms
129ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: bab5ce7c7073c85f122783a4ea77abacb08645a251381852f584f39d17e172a7

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 86A1 0
172 B 52ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 041E 0
172 B 52ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 041E 21 KB
6 KB 236ms
133ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 6a31512c422cac068ecfe6d4d00ff74b777f47a3aafa62d5e2a1873033b33d0f

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 041E 21 KB
5 KB 233ms
131ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 7299c1b4670f68075ab7f2ecd08613a203bfc6f09791fa04788978e0b4e91077

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 041E 14 KB
6 KB 205ms
116ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4838d99caca263728bafafda941a3217c3a346ab04d316c64f40c8e2a5acdb8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c9727035-c0e3-4085-8ec7-6131e6cd9a4e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 041E 0
211 B 57ms
56ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75563189414&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame FB7F 0
211 B 72ms
68ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99890040992&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FB7F 14 KB
7 KB 316ms
241ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

64d746754c5ba6667be8c7032aefad188f3020e04ae2d860633939e6681228be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d5694be5-e983-4afb-8692-7e3d6bd013b9
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FB7F 19 KB
5 KB 219ms
145ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: cf7831c6f7020ad1fe08bcd7ebc754fce36b9d583df02795c71f3b0d28040dbf

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame FB7F 0
172 B 69ms
68ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FB7F 19 KB
5 KB 216ms
144ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: f51da656e75209593e6e829ac4939ff91d105abf0bae88be7fc8fad921342bfe

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C812 171 B
552 B 127ms
126ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C812 0
172 B 57ms
56ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C812 21 KB
5 KB 133ms
132ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 7b5391d445d99ff7cd6916b249736f15cbd748c861afe04854008a43e69fff5b

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C812 16 KB
7 KB 144ms
120ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

234f3d9ead3cd9d229f47bbc7829aec54325e0d32f0ac4845dc2caafdce2dafb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1c6b7c44-63f8-438b-9faa-8b16ef787c10
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C812 0
211 B 77ms
56ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42727830243&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3B3E 19 KB
5 KB 180ms
140ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: c26b8a70f92035adae17882779c83869226d7ab70ad3c55eaf366c165c744fc5

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3B3E 0
172 B 54ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3B3E 0
211 B 59ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=82346143287&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3B3E 14 KB
7 KB 142ms
128ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c56e7a5a0d46c97aad190fb2b2b8e1fbcd19a24ca7bf87fa7bc1a173f3c48617

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 70c36408-7f97-4dca-8385-da25955ec6c6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C1D7 0
172 B 57ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C1D7 171 B
552 B 151ms
120ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C1D7 21 KB
6 KB 211ms
119ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: c4a69f5f1de2dcf7fc9834dbc5d95701623e89ca25702dd981af33ebd7a3ef97

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C1D7 16 KB
7 KB 138ms
134ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

09fd4b3ee4c7076bbbda64f207e83829876b33b7fbb4a0638d102a0d6c1f3ba9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bc420fcd-35b3-4424-bcf6-214c8cd02433
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C1D7 0
211 B 58ms
55ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=8464485202&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5865 21 KB
6 KB 219ms
130ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 961ffeb4261664d4b8fb9cbdd65afa9290174e1045f1cdc8f193a3a3c31336ef

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5865 0
172 B 51ms
51ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5865 0
211 B 59ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=14676062014&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5865 171 B
552 B 208ms
123ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5865 14 KB
7 KB 203ms
120ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1f497d7bd08c7267512137e490ef6d5e5bd7f722211df2b26d4e53779102cc2c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a130f23b-10da-441f-9efe-b17053ef3b5b
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 178D 0
172 B 51ms
50ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 178D 0
211 B 62ms
62ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=71094403597&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 178D 19 KB
5 KB 244ms
153ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 85c94e325af24b4fbc965162e86e9a959215c97c6bf6e989e5484838b8f8dac0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 178D 14 KB
7 KB 214ms
118ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4fbdc876e2ca2d8a15da14df894f7e3beb94ad3f032e76e87ca4d9cf67d45e22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c3af41ba-b597-4686-9ab6-620958cfbee7
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DA6F 0
211 B 73ms
72ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94547549432&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DA6F 21 KB
6 KB 285ms
161ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 29d5b5ce2e9dc4ac1b5a1c0b0a59171ca6f6a489766cf04f1709172b7db4dea9

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame DA6F 0
172 B 63ms
62ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DA6F 16 KB
7 KB 204ms
115ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9a320a9d03f0e5da1cba1723aa068858b57577592e75fa1d3d452cd20f9b112d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 10e1ebbe-91f8-4ffb-803f-8658d5e97260
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EA57 21 KB
6 KB 272ms
148ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: b4ad7371dfc345075752b74a0e82afcccf2b2d7df83dd9bdb911599c1a5b8f59

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EA57 0
211 B 62ms
55ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=2334646444&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame EA57 0
172 B 78ms
72ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EA57 14 KB
7 KB 314ms
228ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d61211db4c5b6571434938770721be10d58117857a195414b23d401bdd403ece

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a63b9941-866b-46bd-ae16-e957cd4f9e59
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36124145/
Redirect Chain

https://mc.yandex.com/watch/36124145?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...

447 B
529 B

111ms
109ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1437930491072%3Ahid%3A669828487%3Az%3A0%3Ai%3A20221202030615%3Aet%3A1669950375%3Ac%3A1%3Arn%3A604806634%3Arqn%3A1%3Au%3A1669950375958593397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C562%2C54%2C147%2C0%2C%2C1139%2C13%2C%2C%2C%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1669950372278%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669950377%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ab508518c3900bd62b4db9267cba1c87b581fc79cf8344baccbe6c960543ee1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02-Dec-2022 03:06:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://friends.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:06:16 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Dec-2022 03:06:16 GMT
location: /watch/36124145/1?wmode=7&page-url=https%3A%2F%2Ffriends.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Assb7e99gu042u1d5clb78%3Afp%3A1233%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1437930491072%3Ahid%3A669828487%3Az%3A0%3Ai%3A20221202030615%3Aet%3A1669950375%3Ac%3A1%3Arn%3A604806634%3Arqn%3A1%3Au%3A1669950375958593397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C116%2C562%2C54%2C147%2C0%2C%2C1139%2C13%2C%2C%2C%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1669950372278%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669950377%3At%3A%D0%94%D0%B8%D0%B2%D0%B8%D1%82%D0%B8%D1%81%D1%8F%20%D0%BA%D1%83%D0%BB%D1%8C%D1%82%D0%BE%D0%B2%D1%96%20%D0%A1%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%82%D0%B0%20%D0%9C%D1%83%D0%BB%D1%8C%D1%82%D1%81%D0%B5%D1%80%D1%96%D0%B0%D0%BB%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%BE%D1%8E%20%D0%BC%D0%BE%D0%B2%D0%BE%D1%8E%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D1%96%20FRIENDS&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://friends.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 02-Dec-2022 03:06:16 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3730 14 KB
7 KB 178ms
123ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0caf2f9b5a4368c80a761076c051fe3d88ea575d140069f538643487bb6b42a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2093d1bd-1f25-4576-9bec-00d5d0d00c32
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3730 0
211 B 57ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28263634082&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3730 0
172 B 53ms
53ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3730 21 KB
6 KB 269ms
138ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 82bfe3602a4316b1840cccabb274a15d6950519634165d6b4f550d43dc6b915e

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1092 14 KB
6 KB 215ms
121ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b6fa50ad4dd55c55cd90a64441a81c427cea26135af2327fcd89fbc06638b937

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f7daf825-d53a-4741-8c30-988324ddd6f4
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1092 0
172 B 51ms
49ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://sholke.com
date: Fri, 02 Dec 2022 03:06:16 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1092 0
211 B 58ms
57ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69983013913&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1092 19 KB
5 KB 267ms
145ms XHR
application/json 178.32.210.227
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS: ip227.ip-178-32-210.eu
Software: /
Resource Hash: 101967ae20b4ae6668c9417ecd33752510bbf2c7d3f50619f83b8a23c862262e

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sholke.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 0BE8 1002 B
1 KB 274ms
98ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1527560491&apnauc=5831884733180408428&bidid=5831884733180408428&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDk=/bn=93154/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 407ab6cda49213e3f563632338251c4b87d9b79571dc2058bb0f2c845325532f

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 688
content-type: text/html;charset=utf-8
date: Fri, 02 Dec 2022 03:06:16 GMT
expires: Fri, 02 Dec 2022 03:06:16 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv05.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4A54 52 KB
17 KB 262ms
73ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:16 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:18 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame FD7F 0
815 B 192ms
57ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLdGPQXAV0MAAADANYABQEIqNelnAYQ7OT3ocKIwfdQGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXji1wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFUNTlPWEFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5UTXdPZUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Z2U21RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZocV9JdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNRGxBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWmQgBFQgFQ1ABFBQJMjgwMDUOmAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWIgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDnaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NDa4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVRSU1hXbG9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z1VRT1BuMUFkSTNJRFlCMUR5TDFpU00zRUEBPQUBDEhnQWciQwoMQUFBSRqDCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAfi1wXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=b587211f1f1ce7585ab589dafb8cf017b189fec2&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsypmjzam%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dsypmjzam%26e%3D1965574524929&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: da3eee5b-8d9e-408b-a34f-9e68fd112703
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame FD7F 80 KB
27 KB 218ms
53ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 147526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4021-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1669950377.962435,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 608336

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame FD7F 0
815 B 229ms
57ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQ7OT3ocKIwfdQGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXji1wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFUNTlPWEFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5UTXdPZUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Z2U21RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZocV9JdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNRGxBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDnaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NDa4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFUUlNYV2xvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdVUU9QbjFBZEkzSURZQjFEeUwxaVNNM0VBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB-LXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=f0b69b46e842f011b14a7a623ef5b07c5bc1e145

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: 6ee17009-a39b-4fc5-9a63-baf807623924
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D051 17 KB
7 KB 188ms
66ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:06:16 GMT

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 2685 1001 B
1 KB 240ms
121ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=276731986&apnauc=2072409584920642530&bidid=2072409584920642530&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?CY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDQ=/bn=93351/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: defd1ddb5e6e34159db098e3821f303578bb67764367d9477f2b1dc58906e944

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 689
content-type: text/html;charset=utf-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:06:17 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A573 52 KB
17 KB 229ms
63ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame C2C5 0
815 B 141ms
57ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QK9DvQXAT0HAAADANYABQEIqNelnAYQ4oe9kpmxq-EcGJrg8Kii_5P1bio2CQmPUgmaO88_ET6_TlNUS8A_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXin2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgLdBCFsSC1wcmdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFEwTk9BRDhpLUFCS1NqMVFtSUJKMm0xUW1RQkFHWUJBR3lCQWtJdnVvUkVMcmhvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHIaUFYRUtwQUYtSk5RbUFYOXY4V0ZBYWtGR29hUGlDbVI3ai14QlFBQUFDQ25odUlfd1FVATogZ3A0YmlQOGtGAQ0gd040ODdqX1JCASgNAQAyCSgBdMh3UC1BRjhNY0I4QVd6djZzSi1BWDM4WjhEZ2dZRFZWTkVpQVlFa0FZQm1BWUFvUWFhbVoBAjBudFA2Z0dCTElHSkFrAUkJAQBCHc8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFmaHJGSXc6YQI4SXV5bFFFZ0FDZ0FNWnFaAW9cbWUwX09nbEdVa0V4T2pVME5EUkE4aTlKAVwBAQw4RDlSAQgJAQRCWgkIAQEEQmg5jQQ5cAESCQEEQngJCAEBQa0uaQLwPjgu2AIA4AKbhU7qAhZodHRwczovL2ZyaWVuZHMuaW4udWEv8gIRCgZBRFZfSUQSBzY4MTM5NDPyAhIKBkNQRwEUCAgxOWl5ARUIBUNQARRkCTI4MDA1OTkwMfICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iQIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjU0NDTaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU2Nzi4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVRoU2hXVm9Ba9hEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpdUxIfT8MSGdBZ7UjDEFBQUmtYyxKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAen2QXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=2621fff746315cf08676339e4ac27bbd11a27745&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dkuriin%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dkuriin%26e%3D1965574524929&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: c486bed3-ed94-4ca0-8d7f-cec5148a9f04
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame C2C5 80 KB
27 KB 169ms
55ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Fri, 02 Dec 2022 03:06:16 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 147526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4061-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1669950377.967530,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 607608

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame C2C5 0
815 B 219ms
84ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKmDPQXASYGAAADANYABQEIqNelnAYQ4oe9kpmxq-EcGJrg8Kii_5P1bio2CQmPUgmaO88_ET6_TlNUS8A_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXin2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgLdBCFsSC1wcmdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFEwTk9BRDhpLUFCS1NqMVFtSUJKMm0xUW1RQkFHWUJBR3lCQWtJdnVvUkVMcmhvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHIaUFYRUtwQUYtSk5RbUFYOXY4V0ZBYWtGR29hUGlDbVI3ai14QlFBQUFDQ25odUlfd1FVATogZ3A0YmlQOGtGAQ0gd040ODdqX1JCASgNAQAyCSgBdMh3UC1BRjhNY0I4QVd6djZzSi1BWDM4WjhEZ2dZRFZWTkVpQVlFa0FZQm1BWUFvUWFhbVoBAjBudFA2Z0dCTElHSkFrAUkJAQBCHc8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFmaHJGSXc6YQI4SXV5bFFFZ0FDZ0FNWnFaAW9cbWUwX09nbEdVa0V4T2pVME5EUkE4aTlKAVwBAQw4RDlSAQgJAQRCWgkIAQEEQmg5jQQ5cAESCQEEQngJCAEBQa0uaQL0BQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC4zOKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTQ0NNoEAggB4AQB8ATy8e69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3OLgGAMEGCTUo8D_QBqkl2gYWChAJERkBYBAAGADgBgHyBocBCPiTUBKAAVRoU2hXVm8hVNhEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpdUxIXSgMSGdBZ5UMDEFBQUmNTCxKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgRCAAMAA4ugZAAMgHp9kF0gcNCQnABDRAAb4I2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=808da0bce40c35ee8d56a17ccfd4770bbdf344e0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: 005cf934-9b4c-4a7e-a017-cb5c4787774f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 2E47 34 KB
11 KB 290ms
63ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4DE3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

227ms
61ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:06:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 6791 34 KB
11 KB 275ms
66ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 63AF 1002 B
1 KB 185ms
137ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1149004572&apnauc=2726967389647139504&bidid=2726967389647139504&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1NTA=/bn=99138/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a38062a76227e5634cd6420c2b870edc5d9e1f09a80f051127e830348c97e64

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 688
content-type: text/html;charset=utf-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:06:17 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6C0F 52 KB
17 KB 223ms
71ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame C85A 0
815 B 123ms
99ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLdGPQXAV0MAAADANYABQEIqNelnAYQsOX378jMiOwlGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXjChgaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFNWjgzUlFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5qVTFNT0FEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Zsak9RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZScUZJdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qWTFOVEJBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWmQgBFQgFQ1ABFBQJMjgwMDUOmAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWIgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NTDaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU3Njm4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAUtoUUVVMW9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpSkxYRUEBPQUBDEhnQWciQwoMQUFBSRqDCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAfChgbSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=5428f88471dc607fed62575431bf6259723ab326&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Deimtsc%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Deimtsc%26e%3D1965574524929&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: c50f2bab-ebda-45ed-8aa4-e180abbe0670
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame C85A 80 KB
27 KB 194ms
55ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 147526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4061-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1669950377.088144,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 607609

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame C85A 0
815 B 125ms
80ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQsOX378jMiOwlGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXjChgaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFNWjgzUlFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5qVTFNT0FEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Zsak9RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZScUZJdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qWTFOVEJBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NTDaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU3Njm4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFLaFFFVTFvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxaUpMWEVBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB8KGBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=8a2466be5a0aea7363d05e7b28a76cb3c4700bf0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:16 GMT
AN-X-Request-Uuid: 423e394d-213a-45ee-a567-35384f06d627
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame AC96 34 KB
11 KB 215ms
59ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 5C9F 34 KB
11 KB 208ms
61ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 075D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

228ms
62ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:06:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 8653 34 KB
11 KB 207ms
61ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 571B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

217ms
63ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:06:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame F8AF 34 KB
11 KB 183ms
59ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame B4F1 34 KB
11 KB 206ms
60ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame 3C3C 1000 B
1 KB 108ms
83ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1055645968&apnauc=583709661498270404&bidid=583709661498270404&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?broM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjM=/bn=93179/clickenc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 969206035dc158b1d13f2629e3eda2130c5ba6b58731171da22aa1faa489632e

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 689
content-type: text/html;charset=utf-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:06:17 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 62CF 52 KB
17 KB 99ms
79ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame AD58 0
815 B 81ms
57ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLhGPQXAWEMAAADANYABQEIqNelnAYQxMXFjIOb8IwIGJrg8Kii_5P1bio2CW66DP9BocQ_EeJPtP5-hrU_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXj71wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgKBDyFFYUIyZWdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ-hMb0RDVVpTUVRFNk5UTXlNLUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHZ0JCU3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EACYc2dRSkNMN3FFUkM2NGFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBoX4FAQBJASw8Y0VFdUI2RjYxRzRual9KQgUaCQEUMkFRQThRLjEAkGdGeXltUUJmaVRVSmdGX2JfRmhRR3BCUnFHajRncGtlNF9zUVUBPSBncDRiaVA4RUYBDRBJS2VHNAFcAUscTURlUE80XzAJKAkBBE5rBSgBAcF88EBCZkRIQWZBRnM3LXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQQFJCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFlaHFwST6FBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNak5BOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLo0H8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFAgIMTkWnQgBFQgFQ1ABFBQJMjgwMDUOnAg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzcWJgkA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8PWAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMjPaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMTi4BgDBBgAAAAAAAPA_0AapJdoGFgoQAAABRRkBYBAAGADgBgHyBocBCPiTUBKAAVl4Ul9YVm9Ba-BEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFqR0tYRUEBPQUBDEhnQWciRwoMQUFBSRqHCixKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgACAhTTC6BkAAyAf71wXSBw0JCcAENEABvgjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=07e6b77a6b8d58398d3479d60140a8e86a29b892&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Defvmujmla%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Defvmujmla%26e%3D1965574524929&

Requested by

Host: friends.in.ua
URL: https://friends.in.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 04336d16-231d-43ec-a56d-aa4c98941ba8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame AD58 80 KB
27 KB 70ms
53ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 147526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4021-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1669950377.096578,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 608337

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame AD58 0
815 B 74ms
58ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QLKFvQXAUoLAAADANYABQEIqNelnAYQxMXFjIOb8IwIGJrg8Kii_5P1bio2CW66DP9BocQ_EeJPtP5-hrU_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXj71wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgKBDyFFYUIyZWdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ-hMb0RDVVpTUVRFNk5UTXlNLUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHZ0JCU3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EACYc2dRSkNMN3FFUkM2NGFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBoX4FAQBJASw8Y0VFdUI2RjYxRzRual9KQgUaCQEUMkFRQThRLjEAkGdGeXltUUJmaVRVSmdGX2JfRmhRR3BCUnFHajRncGtlNF9zUVUBPSBncDRiaVA4RUYBDRBJS2VHNAFcAUscTURlUE80XzAJKAkBBE5rBSgBAcF88EBCZkRIQWZBRnM3LXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQQFJCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFlaHFwST6FBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNak5BOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLo0H9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMjPaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMTi4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFZeFJfWFZvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxakdLWEVBAT0FAQxIZ0FnIjAJDEFBQUkacAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB_vXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=d5f4580c9fedee9af6fd86b20c5ebe3970daec7c

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: fe062fcc-ff13-4184-917c-4bbed7d0cb3b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame AAB5 120 KB
43 KB 205ms
55ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Tue, 01 Nov 2022 05:37:33 GMT
Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 79955
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 42990
X-Served-By: cache-lga13622-LGA, cache-hhn4032-HHN
Last-Modified: Wed, 12 Oct 2022 13:08:12 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1669950377.249633,VS0,VE0
ETag: W/"6346bc3c-1e1bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 21, 76886

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame AAB5 80 KB
27 KB 65ms
63ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Expires: Thu, 30 Nov 2023 10:07:30 GMT
Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 147526
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27455
X-Served-By: cache-lga13620-LGA, cache-hhn4041-HHN
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
X-Timer: S1669950377.101282,VS0,VE0
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 613065

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame AAB5 0
815 B 78ms
77ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ffriends.in.ua%252F&e=wqT_3QKmDPBMJgYAAAMA1gAFAQio16WcBhDSwLydzPOtjCEYmuDwqKL_k_VuKjYJj41AvK5f0D8RkkKWcaAVwT8ZAAAAIIXrwT8hkkKWcaAVwT8pj40JJPCaMQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXi-hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCANKThzJywgMjgwMDU5OTAxLCANFjByJywgMzk4MTc4NTQ2BRbwi5IC3QQhbjM5b3VRakE0SUlhRVBMeDdyMEJHQUFnaTdLVkFUQUNPQUJBQUVpWU9WQ0sySzhLV0FCZ1VtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JRamFrUGFGZjBEX0JBVUkycEQyaFg5QV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FiT18yd1AxQVQzY0RELVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkyX3JISmhBTEdBSXRBAUPwUkxvRENVWlNRVEU2TmpVNE9PQUQ4aS1BQktTajFRbUlCSjJtMVFtUUJBR1lCQUd5QkFrSXZ1b1JFTHJob2cyNkJCa0k3UWdSdUI2RjYxRzRuajhaAVcNAQBnASw8d1FTNEhvWHJVYmllUDhrRQ0cJEFBQURZQkFEeEIBCw0ByGlBVzhNNUFGLUpOUW1BWDl2OFdGQWFrRkdvYVBpQ21SN2oteEJRQUFBQ0NuaHVJX3dRVQE6IGdwNGJpUDhrRgENIHdONDg3al9SQgEoDQEAMgkoAXTId1AtQUY4TWNCOEFXenY2c0otQVgzOFo4RGdnWURWVk5FaUFZRWtBWUJtQVlBb1FhYW1aAQIwbnRQNmdHQkxJR0pBawFJCQEAQh3PBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhaUJxS0pnOmECOEl1eWxRRWdBQ2dBTVpxWgFvXG1lMF9PZ2xHVWtFeE9qWTFPRGhBOGk5SgFcAQEMOEQ5UgEICQEEQloJCAEBBEJoOY0EOXABEgkBBEJ4CQgBAUGtLmkC9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1ODjaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NTS4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFRUlEzVjFvIVTYREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxaWFNM10oDEhnQWeVDAxBQUFJjUwsSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB76HBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=00ea031d245df80bbb813db6cbb898810b99106b

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: a9885919-2171-443a-a21e-db8feb479a0c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame C602 34 KB
11 KB 149ms
62ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 04D5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

187ms
65ms

Document
text/html

23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 02 Dec 2022 03:06:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame ADAA 34 KB
11 KB 130ms
63ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4A54 0
744 B 68ms
68ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 8fdc0a70-56b9-43d7-b4ab-c2fd286afdeb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 402A 1 KB
843 B 78ms
55ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1527560491&apnauc=5831884733180408428&bidid=5831884733180408428&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDk=/bn=93154/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1527560491&apnauc=5831884733180408428&bidid=5831884733180408428&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMDk=/bn=93154/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:14:49 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A573 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: fad364c3-b84b-482e-a8d5-985841af4eb9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame C633 1 KB
843 B 58ms
57ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=276731986&apnauc=2072409584920642530&bidid=2072409584920642530&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?CY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDQ=/bn=93351/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=276731986&apnauc=2072409584920642530&bidid=2072409584920642530&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?CY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjU0NDQ=/bn=93351/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:14:49 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame CFEE 1 KB
843 B 57ms
57ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1149004572&apnauc=2726967389647139504&bidid=2726967389647139504&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1NTA=/bn=99138/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1149004572&apnauc=2726967389647139504&bidid=2726967389647139504&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?A_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1NTA=/bn=99138/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:14:49 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A41 13 KB
5 KB 177ms
57ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 20:19:31 GMT
expires: Fri, 01 Dec 2023 20:19:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5750 783 B
1 KB 191ms
63ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

887639a83275571d5df6e4e7024c7e69f86fbb47800f5e219f28ff96df9606ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zxEYDOxhMdvuVBgALcxHqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-zxEYDOxhMdvuVBgALcxHqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:06:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame C2C5 0
832 B 63ms
62ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKmDPQXASYGAAADANYABQEIqNelnAYQ4oe9kpmxq-EcGJrg8Kii_5P1bio2CQmPUgmaO88_ET6_TlNUS8A_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXin2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgLdBCFsSC1wcmdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFEwTk9BRDhpLUFCS1NqMVFtSUJKMm0xUW1RQkFHWUJBR3lCQWtJdnVvUkVMcmhvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHIaUFYRUtwQUYtSk5RbUFYOXY4V0ZBYWtGR29hUGlDbVI3ai14QlFBQUFDQ25odUlfd1FVATogZ3A0YmlQOGtGAQ0gd040ODdqX1JCASgNAQAyCSgBdMh3UC1BRjhNY0I4QVd6djZzSi1BWDM4WjhEZ2dZRFZWTkVpQVlFa0FZQm1BWUFvUWFhbVoBAjBudFA2Z0dCTElHSkFrAUkJAQBCHc8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFmaHJGSXc6YQI4SXV5bFFFZ0FDZ0FNWnFaAW9cbWUwX09nbEdVa0V4T2pVME5EUkE4aTlKAVwBAQw4RDlSAQgJAQRCWgkIAQEEQmg5jQQ5cAESCQEEQngJCAEBQa0uaQL0BQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC4zOKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTQ0NNoEAggB4AQB8ATy8e69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3OLgGAMEGCTUo8D_QBqkl2gYWChAJERkBYBAAGADgBgHyBocBCPiTUBKAAVRoU2hXVm8hVNhEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpdUxIXSgMSGdBZ5UMDEFBQUmNTCxKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgRCAAMAA4ugZAAMgHp9kF0gcNCQnABDRAAb4I2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=808da0bce40c35ee8d56a17ccfd4770bbdf344e0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4873359461673888085&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: a227dd1d-6f28-48ca-8f88-8b40e7920384
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame FD7F 0
832 B 63ms
62ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQ7OT3ocKIwfdQGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXji1wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFUNTlPWEFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5UTXdPZUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Z2U21RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZocV9JdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNRGxBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDnaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NDa4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFUUlNYV2xvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdVUU9QbjFBZEkzSURZQjFEeUwxaVNNM0VBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB-LXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=f0b69b46e842f011b14a7a623ef5b07c5bc1e145&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4873359461673888085&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: d7bb7528-fa80-4380-bd01-644f6a6aae78
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6C0F 0
744 B 66ms
64ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 57af94eb-69c3-4e1d-aa46-86062a165c9c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 62CF 0
744 B 63ms
62ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 4a5eb90a-011c-4e39-9670-b2e609cae090
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 874E 1 KB
843 B 59ms
58ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1055645968&apnauc=583709661498270404&bidid=583709661498270404&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?broM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjM=/bn=93179/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1055645968&apnauc=583709661498270404&bidid=583709661498270404&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?broM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjUzMjM=/bn=93179/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:14:49 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4DE3 34 KB
10 KB 66ms
58ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61397
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:09:34 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 075D 34 KB
10 KB 59ms
58ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61397
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:09:34 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 571B 34 KB
10 KB 58ms
56ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61397
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:09:34 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 0DCC 531 B
881 B 291ms
54ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22a48295f4-ebca-4b59-9dc6-66741ee21255%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame DFFB 1 KB
2 KB 254ms
74ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=Wcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw;rtbdata=GSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

54ca6f74ffc244e6f6e9463db93c5fcb60cf249e8e5520b30205b1354da9ce3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1279
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame DFFB 43 B
270 B 185ms
61ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=2371324378411450296&tmstp=5558876490&ckid=3448915866441022182&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376476&envtype=0&opid=5912f9f8-e3fc-4730-83e2-9d6d8115e327&opdt=1669950376477&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=3448915866441022182&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=6857784089187623367&rtbh=1ca6129b45b2c8663dd858f52f7691b515964719&rtblt=638055471764960251&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame C85A 0
832 B 57ms
56ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQsOX378jMiOwlGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXjChgaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFNWjgzUlFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5qVTFNT0FEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Zsak9RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZScUZJdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qWTFOVEJBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NTDaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU3Njm4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFLaFFFVTFvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxaUpMWEVBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB8KGBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=8a2466be5a0aea7363d05e7b28a76cb3c4700bf0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4873359461673888085&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 7fc0d60d-508e-41ef-8524-8f5169105f9c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 647B 531 B
881 B 265ms
55ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22efffad94-058f-4631-9e54-c8956765c4e8%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D9C4 1 KB
2 KB 227ms
76ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=GvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA;rtbdata=_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f66ff6eeb1deb5c8dfe3f5f35e6632398ca41245519b40394cb585404ee201d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1286
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame D9C4 43 B
270 B 168ms
56ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=2537701639988832960&tmstp=874446547&ckid=9201182698598365799&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376531&envtype=0&opid=a233cbb1-e870-46e4-ab7f-36cd03274f6b&opdt=1669950376532&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=9201182698598365799&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=7215316244132796710&rtbh=7d142814941b74529911ffa86677fe1bd382ea50&rtblt=638055471765507014&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 402A 4 KB
2 KB 60ms
58ms Script
application/x-javascript 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 04D5 34 KB
10 KB 63ms
62ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 20:10:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=61397
Connection: keep-alive
Content-Length: 10067
Expires: Fri, 02 Dec 2022 20:09:34 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame C633 4 KB
2 KB 60ms
59ms Script
application/x-javascript 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 2F24 531 B
881 B 199ms
54ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22a801f5eb-14a8-467d-973d-51f31c79eebb%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C811 1 KB
2 KB 228ms
142ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=M9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw;rtbdata=KaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c3a17655f21a096a023f55d4e720605b05dcda1501daaa7377f3b04772580bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1278
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame C811 43 B
270 B 160ms
70ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=6845953214312054119&tmstp=2326233187&ckid=8357091702173661834&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376665&envtype=0&opid=3e32fe49-c261-4fc3-b5eb-ddc7481749ac&opdt=1669950376667&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=8357091702173661834&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=1120624953303071251&rtbh=fd2592c1452e6a42d00b02736e7b4709bc15e9aa&rtblt=638055471766876988&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 52B5 531 B
881 B 184ms
53ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2203d07b6c-fcfb-4196-b8a5-ed5b055c188d%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E770 1 KB
2 KB 206ms
141ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=nC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw;rtbdata=MX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5fd74f661bff898e35a15ee20244a22c9f4f6517a01ad4f62e752f7b40e92e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1280
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame E770 43 B
270 B 142ms
59ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=1787527609093966972&tmstp=4560561796&ckid=2341258987806980663&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376583&envtype=0&opid=dbe717e8-36e7-4233-b471-74119a69f5a0&opdt=1669950376583&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=2341258987806980663&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=2648126361552264938&rtbh=88a0182bd9cb7123f831679a58fa4e64c6f0cbdb&rtblt=638055471766019682&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 5B31 531 B
881 B 183ms
54ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%228e19c86f-b8ad-4f87-a7d3-fbae043682b3%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 1070 1 KB
2 KB 121ms
75ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=x5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w;rtbdata=YaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9eb072d3bb656e5d9d661bc0f0a4bca93adf7e2d916cb7fcbdceb926010abdbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1286
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame 1070 43 B
270 B 134ms
59ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=5236550213852648992&tmstp=4808982352&ckid=3136705287716403836&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376731&envtype=0&opid=790e23c2-be56-49e8-8e87-f70def089e3b&opdt=1669950376731&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=3136705287716403836&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=4665249809442381300&rtbh=4109bc22babef52b444b8a96470a51f4f408aa3f&rtblt=638055471767504366&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:16 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame CFEE 4 KB
2 KB 58ms
57ms Script
application/x-javascript 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 266ms
144ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 02 Dec 2022 03:06:17 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame AAB5 0
15 B 264ms
148ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client Show response
ssl.connextra.com/FIFA/selector/ Frame C41F 1002 B
1 KB 78ms
72ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1037144864&apnauc=2384857886618493010&bidid=2384857886618493010&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?j41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1ODg=/bn=99262/clickenc=
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: faa69d639d56fc49b0d21c556a95ba925a57fed658c13af51a9706cd525e79c5

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 686
content-type: text/html;charset=utf-8
date: Fri, 02 Dec 2022 03:06:17 GMT
expires: Fri, 02 Dec 2022 03:06:17 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma: no-cache
vary: * Accept-Encoding
x-served-by: vlp-cxtadsrv01.connextra.net

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7507 52 KB
17 KB 71ms
69ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=qyeavrze&e=1965574524929
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame AAB5 0
815 B 60ms
57ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QK9DvBMPQcAAAMA1gAFAQio16WcBhDSwLydzPOtjCEYmuDwqKL_k_VuKjYJj41AvK5f0D8RkkKWcaAVwT8ZAAAAIIXrwT8hkkKWcaAVwT8pj40JJPCaMQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXi-hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCANKThzJywgMjgwMDU5OTAxLCANFjByJywgMzk4MTc4NTQ2BRbwi5IC3QQhbjM5b3VRakE0SUlhRVBMeDdyMEJHQUFnaTdLVkFUQUNPQUJBQUVpWU9WQ0sySzhLV0FCZ1VtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JRamFrUGFGZjBEX0JBVUkycEQyaFg5QV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FiT18yd1AxQVQzY0RELVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkyX3JISmhBTEdBSXRBAUPwUkxvRENVWlNRVEU2TmpVNE9PQUQ4aS1BQktTajFRbUlCSjJtMVFtUUJBR1lCQUd5QkFrSXZ1b1JFTHJob2cyNkJCa0k3UWdSdUI2RjYxRzRuajhaAVcNAQBnASw8d1FTNEhvWHJVYmllUDhrRQ0cJEFBQURZQkFEeEIBCw0ByGlBVzhNNUFGLUpOUW1BWDl2OFdGQWFrRkdvYVBpQ21SN2oteEJRQUFBQ0NuaHVJX3dRVQE6IGdwNGJpUDhrRgENIHdONDg3al9SQgEoDQEAMgkoAXTId1AtQUY4TWNCOEFXenY2c0otQVgzOFo4RGdnWURWVk5FaUFZRWtBWUJtQVlBb1FhYW1aAQIwbnRQNmdHQkxJR0pBawFJCQEAQh3PBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhaUJxS0pnOmECOEl1eWxRRWdBQ2dBTVpxWgFvXG1lMF9PZ2xHVWtFeE9qWTFPRGhBOGk5SgFcAQEMOEQ5UgEICQEEQloJCAEBBEJoOY0EOXABEgkBBEJ4CQgBAUGtLmkC8D44LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL_ICEQoGQURWX0lEEgc2ODEzOTQz8gISCgZDUEcBFCAIMTk1ODY5OTUBFQgFQ1ABFAAJdXg88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEEBzeJAgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnw9YADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC4zOKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NjU4ONoEAggB4AQB8ATy8e69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NjU1NLgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAFFGQFgEAAYAOAGAfIGhwEI-JNQEoABUVJRM1Yxb0Fr2ERBQWtDQlFFSV85dUpDQkRka09JQ0dPLUZuUU1nQnlnQVFPUG4xQWRJM0lEWUIxRHlMMWlhTTN9PwxIZ0FntSMMQUFBSa1jLEpvQkFnZ0FxQUVBcy4gADxBLi6ABwGIBwCgBwG6Bw8IBaAAICFNMLoGQADIB76HBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e121d58bf22938bf9bf65788f62c51b38e38dbc5&bdref=https%3A%2F%2Ffriends.in.ua%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ffriends.in.ua%2F,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dqyeavrze%26e%3D1965574524929,https%3A%2F%2Fsholke.com%2Fr%2Fp.html%3Ff%3Dqyeavrze%26e%3D1965574524929&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 6895d1e2-187a-4454-b88d-b5451b58ddad
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 9C77 531 B
881 B 155ms
56ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%226b7d8b51-7be9-4237-8876-2189d02db876%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame BCE1 1 KB
2 KB 128ms
125ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=KPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ;rtbdata=0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

440c80877bb1610d47f3e3af0f19a0a04635209ee419c8cc58f265367e31c5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1283
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame BCE1 43 B
270 B 93ms
57ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=32105259927479505&tmstp=9216929669&ckid=4643713959313865435&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376732&envtype=0&opid=69d5bf30-a888-47e6-a5c8-9ebf53d40fc6&opdt=1669950376732&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=4643713959313865435&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=6452667043541964841&rtbh=2a5fba9ee011d75beb426efa38d77ff24c1b8c4b&rtblt=638055471767485862&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame AD58 0
832 B 57ms
57ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLKFvQXAUoLAAADANYABQEIqNelnAYQxMXFjIOb8IwIGJrg8Kii_5P1bio2CW66DP9BocQ_EeJPtP5-hrU_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXj71wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgKBDyFFYUIyZWdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ-hMb0RDVVpTUVRFNk5UTXlNLUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHZ0JCU3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EACYc2dRSkNMN3FFUkM2NGFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBoX4FAQBJASw8Y0VFdUI2RjYxRzRual9KQgUaCQEUMkFRQThRLjEAkGdGeXltUUJmaVRVSmdGX2JfRmhRR3BCUnFHajRncGtlNF9zUVUBPSBncDRiaVA4RUYBDRBJS2VHNAFcAUscTURlUE80XzAJKAkBBE5rBSgBAcF88EBCZkRIQWZBRnM3LXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQQFJCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFlaHFwST6FBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNak5BOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLo0H9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMjPaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMTi4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFZeFJfWFZvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxakdLWEVBAT0FAQxIZ0FnIjAJDEFBQUkacAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB_vXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=d5f4580c9fedee9af6fd86b20c5ebe3970daec7c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4873359461673888085&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:17 GMT
AN-X-Request-Uuid: 05fa053e-c43a-40dd-9fcd-3ab38910ab4f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 874E 4 KB
2 KB 59ms
58ms Script
application/x-javascript 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 249C 531 B
881 B 97ms
54ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%221fc5b950-6c80-47af-9cd4-376cab6b47c7%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2AB9 1 KB
2 KB 80ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=DbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A;rtbdata=sZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c8e415f1f00ee16b5a176e75036c9f9630f1ac4e07c5ec4b2ceb1dd22aba9506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1280
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame 2AB9 43 B
270 B 73ms
66ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=9200339918225548402&tmstp=5621863564&ckid=6376721473564637704&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376742&envtype=0&opid=54abb416-3fdc-4bc8-b9b4-9a5742151644&opdt=1669950376745&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=6376721473564637704&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=1408047737329708751&rtbh=e0e6dfaac34cc5f88f3b9d5a465c5ac6345d7e35&rtblt=638055471767674490&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame E8FF 531 B
881 B 65ms
56ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%225f4e11d6-cde2-45c2-94d5-f4e81677e859%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame F8CB 1 KB
2 KB 84ms
71ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw;rtbdata=zRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8f20e91dbd741fe6d49dc2c0db08cff9aca01e9f07aecf8af3bb997167962daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1280
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame F8CB 43 B
270 B 74ms
62ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=7444082385093419841&tmstp=1252280101&ckid=4198349288355199639&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376858&envtype=0&opid=b2078c8a-0882-4e80-92f0-b05c0ed944d1&opdt=1669950376858&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=4198349288355199639&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=3381505178722409336&rtbh=8532dedda07c9d38983e475573313fee17863cb7&rtblt=638055471768766975&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 0FA9 531 B
881 B 60ms
60ms Document
text/html 2a02:26f0:3500:12::1730:17ba
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22c25f301b-e2ef-456b-8988-418a936595ed%22%2c%22adomain%22%3a%22bluemovement.com%22%2c%22page%22%3a%221388206%22%2c%22format%22%3a%2287205%22%2c%22crid%22%3a%2259619775%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2216035%22%2c%22cid%22%3a%222864202%22%2c%22adid%22%3a%2259619775%22%2c%22hash%22%3a%229112482153486109031%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:17 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Sat, 03 Dec 2022 03:06:17 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A069 1 KB
2 KB 75ms
73ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59619775;rtbwp=Es49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA;rtbdata=4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

216d9fd8badd63ea3ea54b2f8f857b6c385f114669bb111fbe9abc364d5520f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1284
expires: -1

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ Frame A069 43 B
270 B 62ms
61ms Image
image/gif 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=2449095111095527474&tmstp=7415021801&ckid=5076842831086942742&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16990%3b%24o%3d11100%3b%24wpc%3d5679%3b%24wpc%3d5753%3b%24wpc%3d5755%3b%24wpc%3d5813%3b%24wpc%3d5917%3b%24wpc%3d5918%3b%24wpc%3d5977%3b%24wpc%3d5978%3b%24wpc%3d5980%3b%24wpc%3d5982%3b%24wpc%3d5890%3b%24wpc%3d5892%3b%24wpc%3d5893%3b%24wpc%3d5839%3b%24wpc%3d5841%3b%24wpc%3d5844%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5786%3b%24wpc%3d5788%3b%24wpc%3d5791%3b%24wpc%3d5757%3b%24wpc%3d5759%3b%24wpc%3d5762%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d5775%3b%24wpc%3d5739%3b%24wpc%3d5741%3b%24wpc%3d5744%3b%24wpc%3d6052%3b%24wpc%3d6054%3b%24wpc%3d6055%3b%24wpc%3d6057%3b%24wpc%3d6059%3b%24wpc%3d6060%3b%24wpc%3d6001%3b%24wpc%3d6002%3b%24wpc%3d6005%3b%24wpc%3d6006%3b%24wpc%3d6007%3b%24wpc%3d6011%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5973%3b%24wpc%3d5947%3b%24wpc%3d5948%3b%24wpc%3d5951%3b%24wpc%3d5953%3b%24wpc%3d5955%3b%24wpc%3d5956%3b%24wpc%3d5920%3b%24wpc%3d5921%3b%24wpc%3d5924%3b%24wpc%3d5925%3b%24wpc%3d5928%3b%24wpc%3d5929%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5937%3b%24wpc%3d5939%3b%24wpc%3d5941%3b%24wpc%3d5943%3b%24wpc%3d5904%3b%24wpc%3d5906%3b%24wpc%3d5907%3b%24wpc%3d5910%3b%24wpc%3d5912%3b%24wpc%3d5914&acd=1669950376808&envtype=0&opid=95bbea3b-637c-4de9-ad93-235db201a308&opdt=1669950376808&siteid=413975&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2ffriends.in.ua%2f&cappid=5076842831086942742&capp=0&mcrdbt=0&insid=9361164&imgid=0&pgid=1388206&fmtid=87205&isLazy=0&rtb=1&rtbnid=1743&rtbbid=4578350183099338342&rtbh=934a951aa39c864c705cb5a35f7191b93563a59a&rtblt=638055471768265822&rtbet=0&rtbptnid=22&cftgid=a86618ae58d6
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 02 Dec 2022 03:06:17 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4DE3 284 B
536 B 240ms
56ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 075D 284 B
536 B 236ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 571B 284 B
536 B 227ms
57ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 04D5 284 B
536 B 175ms
54ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame DFFB 34 KB
16 KB 332ms
138ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=Wcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw;rtbdata=GSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 1070 34 KB
16 KB 357ms
166ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=x5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w;rtbdata=YaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D9C4 34 KB
16 KB 403ms
213ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=GvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA;rtbdata=_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7507 0
744 B 58ms
58ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: c1dc69a5-3bd5-42df-84c3-9bbe313a6e2e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 controller Show response
ssl.connextra.com/servlet/ Frame 7E8D 1 KB
843 B 59ms
58ms Document
text/html 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1037144864&apnauc=2384857886618493010&bidid=2384857886618493010&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?j41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1ODg=/bn=99262/clickenc=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9

Request headers

Referer: https://ssl.connextra.com/FIFA/selector/client?client=FIFA&placement=DDM_APN_SB_BRA_DE_300x600&_cb=1037144864&apnauc=2384857886618493010&bidid=2384857886618493010&dspid=3bc1d7fd2e&tclk=https://fra1-ib.adnxs.com/click?j41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8./cca=NzMyMCNGUkExOjY1ODg=/bn=99262/clickenc=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 684
content-type: text/html;charset=UTF-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Fri, 02 Dec 2022 03:14:49 GMT
vary: Accept-Encoding
x-served-by: vlp-cxtadsrv11.connextra.net

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E770 34 KB
16 KB 399ms
232ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=nC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw;rtbdata=MX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C811 34 KB
16 KB 399ms
233ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=M9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw;rtbdata=KaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame BCE1 34 KB
16 KB 399ms
233ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=KPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ;rtbdata=0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2AB9 34 KB
16 KB 395ms
234ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=DbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A;rtbdata=sZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame F8CB 34 KB
16 KB 377ms
234ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw;rtbdata=zRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A069 34 KB
16 KB 377ms
234ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59619775;rtbwp=Es49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA;rtbdata=4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:20:27 GMT

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/ Frame 402A 159 KB
159 KB 64ms
63ms Image
image/png 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=5831884733180408428&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP2zyPSREBO9QGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAByPXXQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhq_IwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMDlA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMDk%3D%2Fbn%3D93154%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=5831884733180408428&_cb=1527560491
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
last-modified: Wed, 16 Nov 2022 14:40:03 GMT
accept-ranges: bytes
etag: W/"162460-1668609603000"
content-length: 162460
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/ Frame C633 159 KB
159 KB 117ms
117ms Image
image/png 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2072409584920642530&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCY9SCZo7zz8-v05TVEvAPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP-JDT5KJrcIcGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA1yKuIwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fhrFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjU0NDRA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjU0NDQ%3D%2Fbn%3D93351%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2072409584920642530&_cb=276731986
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
last-modified: Wed, 16 Nov 2022 14:40:03 GMT
accept-ranges: bytes
etag: W/"162460-1668609603000"
content-length: 162460
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/ Frame CFEE 159 KB
159 KB 151ms
151ms Image
image/png 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2726967389647139504&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FA_xHpuEcuj8yXdKfCz-rPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP7Dy_Y1kItglGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAcCTV1wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21fRqFIwjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1NTBA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1NTA%3D%2Fbn%3D99138%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2726967389647139504&_cb=1149004572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
last-modified: Wed, 16 Nov 2022 14:40:03 GMT
accept-ranges: bytes
etag: W/"162460-1668609603000"
content-length: 162460
content-type: image/png

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/ Frame 874E 159 KB
159 KB 158ms
156ms Image
image/png 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=583709661498270404&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FbroM_0GhxD_iT7T-foa1PwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP8RikTHYwBkIGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgAPyVRWgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21ehqpIgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjUzMjNA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjUzMjM%3D%2Fbn%3D93179%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=583709661498270404&_cb=1055645968
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
last-modified: Wed, 16 Nov 2022 14:40:03 GMT
accept-ranges: bytes
etag: W/"162460-1668609603000"
content-length: 162460
content-type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5750 0
0 92ms
91ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3477844337653359&rc=
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame AAB5 0
832 B 62ms
61ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKmDPBMJgYAAAMA1gAFAQio16WcBhDSwLydzPOtjCEYmuDwqKL_k_VuKjYJj41AvK5f0D8RkkKWcaAVwT8ZAAAAIIXrwT8hkkKWcaAVwT8pj40JJPCaMQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXi-hwaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCANKThzJywgMjgwMDU5OTAxLCANFjByJywgMzk4MTc4NTQ2BRbwi5IC3QQhbjM5b3VRakE0SUlhRVBMeDdyMEJHQUFnaTdLVkFUQUNPQUJBQUVpWU9WQ0sySzhLV0FCZ1VtZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJDcWdCQ3JBQkFMa0JRamFrUGFGZjBEX0JBVUkycEQyaFg5QV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FiT18yd1AxQVQzY0RELVlBZ0NnQWdHMUFnASMEQzkJCNhEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEkyX3JISmhBTEdBSXRBAUPwUkxvRENVWlNRVEU2TmpVNE9PQUQ4aS1BQktTajFRbUlCSjJtMVFtUUJBR1lCQUd5QkFrSXZ1b1JFTHJob2cyNkJCa0k3UWdSdUI2RjYxRzRuajhaAVcNAQBnASw8d1FTNEhvWHJVYmllUDhrRQ0cJEFBQURZQkFEeEIBCw0ByGlBVzhNNUFGLUpOUW1BWDl2OFdGQWFrRkdvYVBpQ21SN2oteEJRQUFBQ0NuaHVJX3dRVQE6IGdwNGJpUDhrRgENIHdONDg3al9SQgEoDQEAMgkoAXTId1AtQUY4TWNCOEFXenY2c0otQVgzOFo4RGdnWURWVk5FaUFZRWtBWUJtQVlBb1FhYW1aAQIwbnRQNmdHQkxJR0pBawFJCQEAQh3PBEJrCRQBAQBDHRhETGdHQ2cuLpoCmQEhaUJxS0pnOmECOEl1eWxRRWdBQ2dBTVpxWgFvXG1lMF9PZ2xHVWtFeE9qWTFPRGhBOGk5SgFcAQEMOEQ5UgEICQEEQloJCAEBBEJoOY0EOXABEgkBBEJ4CQgBAUGtLmkC9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1ODjaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NTS4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFRUlEzVjFvIVTYREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxaWFNM10oDEhnQWeVDAxBQUFJjUwsSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB76HBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=00ea031d245df80bbb813db6cbb898810b99106b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=600&sid=4873359461673888085&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=600&ww=300&wh=600&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: dff42666-3f7b-4bf4-8f4c-c9e2f885e2e2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Utils_v9-long.js Show response
ssl.connextra.com/services/ActiveAd/ Frame 7E8D 4 KB
2 KB 178ms
178ms Script
application/x-javascript 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.connextra.com/services/ActiveAd/Utils_v9-long.js
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2010 11:57:50 GMT
server: AkamaiNetStorage
etag: "159f636ee9f642a0c8c12354adf10d7c:1275911870"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
content-length: 1742

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A41 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 19:32:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4A54 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: b61ac866-1566-4704-9688-145fae75434e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A573 0
744 B 60ms
60ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: f910620a-f0e4-42d8-b354-9f0a8f4b46a3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame DFFB 7 KB
3 KB 72ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=Wcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw;rtbdata=GSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2;js=1;adfxid=1x;5131;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ece1396d2793d15de84e18a6a5527b7e52bf44bc6e56901e7e5e35d5093b8a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2861
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 1070 7 KB
3 KB 72ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=x5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w;rtbdata=YaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2;js=1;adfxid=2x;2053;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d541aa62c506c4ff9167e15f7c9e9e967b1bdf8f92118237ad55a6a3864f67a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2871
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6C0F 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: 70036d67-a30c-437e-a54f-a9644df34759
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 62CF 0
744 B 73ms
73ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: 3d3747b4-c4b7-4fd8-883e-6abc5555c4ba
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 300x600.png
ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/ Frame 7E8D 159 KB
159 KB 58ms
57ms Image
image/png 23.79.149.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssl.connextra.com/resources/FIFA/DE_SB_BRA_FifaWorldCupNov2022/300x600.png
Requested by: Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.149.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-149-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssl.connextra.com/servlet/controller?service=DDM_SB_BRA_DE_FifaWorldCupNov2022_300x600&pubhost=sholke.com&apnauc=2384857886618493010&tclk=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3Fj41AvK5f0D-SQpZxoBXBPwAAACCF68E_kkKWcaAVwT-PjUC8rl_QP1Igr8OctxghGjAcJfpP6m6oa4ljAAAAAArsSwEYKAAAmBwAAAIAAADyuLsXC1klAAAAAABVU0QARVVSACwBWAJ-MAAAAAABAQUCAAAAANgA3yM3vgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%21iBqKJgjA4IIaEPLx7r0BGIuylQEgACgAMZqZmZmZme0_OglGUkExOjY1ODhA8i9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhuB6F61G4nj9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DNzMyMCNGUkExOjY1ODg%3D%2Fbn%3D99262%2Fclickenc%3D&client=FIFA&dspid=3bc1d7fd2e&placement=DDM_APN_SB_BRA_DE_300x600&bidid=2384857886618493010&_cb=1037144864
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
last-modified: Wed, 16 Nov 2022 14:40:03 GMT
accept-ranges: bytes
etag: W/"162460-1668609603000"
content-length: 162460
content-type: image/png

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D9C4 7 KB
3 KB 80ms
80ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=GvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA;rtbdata=_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2;js=1;adfxid=3x;7027;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0cbd829caf6481245426144a1f2d5d27ebc85834e6ce21a7d9feb53bd1cf1f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2869
expires: -1

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A41 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Khk_wg
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame DFFB 35 KB
12 KB 172ms
60ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN80zqj46KdDFpJ2BikIA41BBimXxW4Pz6bpxtZJ4IPxDZGAgp%2F9HrHencBNJqCDwjcldp%2BPp4u4UmJIcRz6fGM2JQIAO7FX1TRBvQJ41BzKoCiBOJnK6ADzh%2Bg%2FmlM8CQvGK6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a197f06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame DFFB 35 B
465 B 72ms
72ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=sCXHqiGYCPWP_PuntyOufzJIKsL4aPWEpprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 1070 35 KB
12 KB 203ms
103ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIH3Jt6utaiHKCHkQ%2FPHDCA6zjUtYjLFw890T6%2BjUn%2BLDb6B36x0uN3KYGJOWCekkvopxb%2BYVkcE0Y4qd6Nk9Wx9A4DvC%2FBlcDUIWbqKEmFAMHcI6H%2Fp%2FmZcngR9hPQt%2FoPD%2BdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a198006d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 1070 35 B
465 B 80ms
80ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=R9l6ebuSu8KtbEmgdF3xwiymX1QUMApMpprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 1070 43 B
208 B 79ms
78ms Image
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=276&rid=10436&cid=35187&adfserve=85&asset=358&deviceType=Desktop

Requested by

Host: sholke.com
URL: https://sholke.com/r/p.html?f=nnibtkoy&e=1965574524929

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 22 Jul 2016 06:55:37 GMT
server: nginx
etag: "5791c369-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame DFFB 34 KB
15 KB 85ms
84ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E770 7 KB
3 KB 76ms
75ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=nC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw;rtbdata=MX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2;js=1;adfxid=4x;4932;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ec745d98e0660fe0fc5ccbf5b66d7cb9381b708f5276b1d133a613f085e21ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2864
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 1070 34 KB
15 KB 79ms
78ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C811 7 KB
3 KB 72ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=M9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw;rtbdata=KaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2;js=1;adfxid=5x;10505;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ef873eff64fdbf3aad9ff01b9c6769486adb6f8a6913b7798158d206a2c71da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2871
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame BCE1 7 KB
3 KB 72ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=KPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ;rtbdata=0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2;js=1;adfxid=6x;9978;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ba596ee2020ea5cd3eb5a6356a5604dedba161599b0d7b2001f0509f588733d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2873
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F8CB 7 KB
3 KB 72ms
72ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw;rtbdata=zRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2;js=1;adfxid=7x;1855;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3d49508dd0138a36ce38733bacb139489669212d365b7a2cf460d0b8c45bc2f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2867
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D9C4 35 KB
12 KB 151ms
94ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQXU0CjVNmvCwFxhmStSET9sTZygdRzfqJeWNgwqfgMuxN8vbCLaD11%2BJwD4FhswjLeeozJ%2FIpQjBwa0rOMz4bA%2BGMIIn9HkKqxgmwM%2Fzl3PORyXE9Sr12ucMPNYFjbO1Ive0vY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a198306d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D9C4 35 B
465 B 87ms
87ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=b9SDZ0tkTfflZp1UTb2jeSLhCaagPz5Spprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A069 7 KB
3 KB 80ms
80ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=Es49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA;rtbdata=4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2;js=1;adfxid=8x;1661;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d1a6f1a3318a1a4bee3b13bd4c93c229915b58b75c5a7ffad4e54636c2632859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2871
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2AB9 7 KB
3 KB 93ms
93ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59619775;rtbwp=DbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A;rtbdata=sZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2;js=1;adfxid=9x;5293;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffriends.in.ua

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

191f89ea7eacd2b0a10107c7f3eee4e35d43e53c33c3de37b68e527a3078943b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2867
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame D9C4 34 KB
15 KB 78ms
77ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame FD7F 0
832 B 57ms
56ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQ7OT3ocKIwfdQGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXji1wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFUNTlPWEFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5UTXdPZUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Z2U21RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZocV9JdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNRGxBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMDnaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjY1NDa4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFUUlNYV2xvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdVUU9QbjFBZEkzSURZQjFEeUwxaVNNM0VBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB-LXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=f0b69b46e842f011b14a7a623ef5b07c5bc1e145&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4873359461673888085&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: 4d31c969-9067-4423-87f9-d02fc70358e7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame C2C5 0
832 B 60ms
59ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QKmDPQXASYGAAADANYABQEIqNelnAYQ4oe9kpmxq-EcGJrg8Kii_5P1bio2CQmPUgmaO88_ET6_TlNUS8A_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXin2QWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgLdBCFsSC1wcmdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ_BSTG9EQ1VaU1FURTZOVFEwTk9BRDhpLUFCS1NqMVFtSUJKMm0xUW1RQkFHWUJBR3lCQWtJdnVvUkVMcmhvZzI2QkJrSTdRZ1J1QjZGNjFHNG5qOFoBVw0BAGcBLDx3UVM0SG9YclViaWVQOGtFDRwkQUFBRFlCQUR4QgELDQHIaUFYRUtwQUYtSk5RbUFYOXY4V0ZBYWtGR29hUGlDbVI3ai14QlFBQUFDQ25odUlfd1FVATogZ3A0YmlQOGtGAQ0gd040ODdqX1JCASgNAQAyCSgBdMh3UC1BRjhNY0I4QVd6djZzSi1BWDM4WjhEZ2dZRFZWTkVpQVlFa0FZQm1BWUFvUWFhbVoBAjBudFA2Z0dCTElHSkFrAUkJAQBCHc8EQmsJFAEBAEMdGERMZ0dDZy4umgKZASFmaHJGSXc6YQI4SXV5bFFFZ0FDZ0FNWnFaAW9cbWUwX09nbEdVa0V4T2pVME5EUkE4aTlKAVwBAQw4RDlSAQgJAQRCWgkIAQEEQmg5jQQ5cAESCQEEQngJCAEBQa0uaQL0BQE4LtgCAOACm4VO6gIWaHR0cHM6Ly9mcmllbmRzLmluLnVhL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC4zOKgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADSBA43MzIwI0ZSQTE6NTQ0NNoEAggB4AQB8ATy8e69AYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbYi-gUECAAQAJAGAJgGAKIGDzEwMjY0I0ZSQTE6NTY3OLgGAMEGCTUo8D_QBqkl2gYWChAJERkBYBAAGADgBgHyBocBCPiTUBKAAVRoU2hXVm8hVNhEQUFrQ0JRRUlfOXVKQ0JEZGtPSUNHTy1GblFNZ0J5Z0FRT1BuMUFkSTNJRFlCMUR5TDFpdUxIXSgMSGdBZ5UMDEFBQUmNTCxKb0JBZ2dBcUFFQXMuIAA8QS4ugAcBiAcAoAcBugcPCAWgRCAAMAA4ugZAAMgHp9kF0gcNCQnABDRAAb4I2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=808da0bce40c35ee8d56a17ccfd4770bbdf344e0&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4873359461673888085&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: 3df23631-c45d-428b-8cc3-95ee4e9b17e7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame E770 35 KB
13 KB 60ms
57ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZmrvheagOuH7PS2B8MBlnJyWz9hAE6pICDqpM0r6mXHNsvTvRqjAstbXgS3v1em0ybpoKIL5%2F4qV7imLTpzBu%2FfnFwzi3lqCseZ3N3l2Hcm4miEbIJ%2FxwdJBa%2Fy9u%2B2DdcuxBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a198206d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame E770 35 B
465 B 75ms
73ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=Ggy4oZzTFaSmqje8ZEhPGQhXTvaGN90Apprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C811 35 KB
12 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlfLtVxITe8gzuMwBaObl0ro3A5uLYqEEPY78CLN3AVT5bZhiraEPy8Ik9a%2FaYrYQh%2BNK4SbC5U6IAeFGENlemj0GbV8hBwWFqIanoT2H14pS%2BGxfWa2htcBNueBtexg7a100SI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a198406d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame C811 35 B
465 B 74ms
74ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=-9MHgi1x7HlZ9IHgJtpe22DPuz7yukQBpprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BCE1 35 KB
12 KB 93ms
92ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC%2FKK3rnVPGUrhisdHzsxDBNnj8gYAr1d5akYUNl4ioOo8eH1%2FMoEtaqQovKwFIZsDBDCtRgjKbu6fV5%2B42pu1F%2Bp0jomgcK6DMLIWiKXKzUFqc5DsXjxOEE5O5EIFP4jfJX11g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a298b06d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame BCE1 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=SXJ2Ln3NpJazrO1AqBY2EssSuJtwtvwapprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F8CB 35 KB
12 KB 89ms
88ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKsZJJsMa4ypVqz%2BAE4R2J3BoUhYB0a9d4EnoXz1jrXEHt2e1pOEonepBoB60YdhHt2IiklKtQzUPk1sGb%2Fufstj9E18T2N6EeRXoqNcQp3CLqnSQMiSkVMGTfD9kdspdmUa3Uo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a299106d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F8CB 35 B
465 B 74ms
74ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=7I47nS5wipeBE2ua7otUigKpRwS1AHMSpprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame E770 34 KB
15 KB 80ms
80ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame C811 34 KB
15 KB 78ms
77ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame BCE1 34 KB
15 KB 78ms
78ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A069 35 KB
12 KB 71ms
71ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247680
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAWgvKSSgaA0lx99MPGZr%2BM84d6Q2LoKjzY020hFGaWzQEHZ6zyjGt5PK3kcC81Yi8UhI22x8yuU%2FBCtsGnjZn52L8n9pKIzviuJvc7cXsCXjlAefx6m7w5f54GP6Um2JXymenU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88a49a906d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A069 35 B
465 B 74ms
74ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=vOBBEwusbE481f-OBbi-6qmC0nl8rnjEpprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame F8CB 34 KB
15 KB 405ms
404ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A069 34 KB
15 KB 401ms
389ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 2AB9 35 KB
13 KB 132ms
56ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 247681
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHhpDg%2B1uwzjZRUmy7rWt6Bj9J%2BIJxPdY3rN%2BU%2Bi18VtaOFiWxl0DgOVL71pAjVqoaJQ1TIjS7WRJ0MHf0cirHz%2FuIYFkOo6CJcmED%2FrY7vA89slkqJoGw9gzowbdfFkxLqGndQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7730d88ae804887f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 29 Nov 2022 06:18:07 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 2AB9 35 B
465 B 82ms
74ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59619775&csi=7h48mG9lGG0nBdKjce5dz42NeTl0DwTppprkm5emzGfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 2AB9 34 KB
15 KB 393ms
390ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 03 Dec 2022 06:24:54 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame D051 88 KB
29 KB 425ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:19 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 083A 2 KB
1 KB 165ms
117ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88ae802887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4vsImaT6EMYfcd92x5pqsCGPNF06XiFATCAVIhKauZoym0z8Gv%2Blrh6tVTJRPvsJuwAs6LO06qbqjaIRwMjYed3XFv7cXhGoWJPn1bSGkkmb4Z0AqcP%2BjSnKZq7BIsQeyXg92M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 78F7 2 KB
1 KB 162ms
118ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88ae806887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7eVj8FJCNsuuuG2zrX2%2FhHhutek245rmJ57a7%2Bs1RKiCQoydDTypq6%2BGlt%2B6bcXBZH1COLz0RPYQKRAwHQ6i2egn3B79jeaxtbjVyw2GD3L7N7Mfimx%2BSVLk4uATVErv3UgG4U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame E011 2 KB
1 KB 114ms
110ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88af81e887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KCSfxvIDghlj9Tf%2BIDcfKd9T8um5Lk9S1gW3AF0%2BWiwxATiOXKwnv1g6SZoazRmILY12E2ZizY9b%2FTj5avWQH7cuuT%2BqY%2FdQXAO71ei6FNf7CKxk4ZezKP%2FW2mgy80Clfuxxvg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 2E47 43 B
163 B 444ms
51ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376841&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=6857784089187623367&rtbet=0&rtblt=638055471764960251&rtbnid=1743&rtbh=1ca6129b45b2c8663dd858f52f7691b515964719&ts=1669950376841
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 6791 43 B
163 B 445ms
52ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376861&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=7215316244132796710&rtbet=0&rtblt=638055471765507014&rtbnid=1743&rtbh=7d142814941b74529911ffa86677fe1bd382ea50&ts=1669950376861
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame C85A 0
832 B 92ms
92ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLGFvQXAUYLAAADANYABQEIqNelnAYQsOX378jMiOwlGJrg8Kii_5P1bio2CQP8R6bhHLo_ETJd0p8LP6s_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXjChgaAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgL9DiFNWjgzUlFqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ9hMb0RDVVpTUVRFNk5qVTFNT0FEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHcUJOVUhDUF9fFQIId0VRFQwUX19fQVJqAQcNAQw4QklQDQsBAQh3RW8BBxEBCEFURBELFF9fXzhCTzIsAARGQQEWEQEEQVU2WAAAVTYsAABZESgBAQRBVzZYAABhNiwAAHcBJBEBBEFYNlgACGdBSBEbBZQAaToQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfkNAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLi0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAJhzZ1FKQ0w3cUVSQzY0YUlOdWdRWkNPMElFYmdlaGV0UnVKNF9HUUGhegUBAEkBLDxjRUV1QjZGNjFHNG5qX0pCBRoJARQyQVFBOFEuMQCQZ0Zsak9RQmZpVFVKZ0ZfYl9GaFFHcEJScUdqNGdwa2U0X3NRVQE9IGdwNGJpUDhFRgENEElLZUc0AVwBSxxNRGVQTzRfMAkoCQEETmsFKAEBwXjwQEJmREhBZkFGczctckNmZ0Y5X0dmQTRJR0ExVlRSSWdHQkpBR0FaZ0dBS0VHbXBtWm1abVo3VC1vQmdTeUJpUUpBAUkJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIWZScUZJdzqBBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qWTFOVEJBOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLokH9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjY1NTDaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjU3Njm4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFLaFFFVTFvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxaUpMWEVBAT0FAQxIZ0FnIiwJDEFBQUkabAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB8KGBtIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=8a2466be5a0aea7363d05e7b28a76cb3c4700bf0&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=1&sid=4873359461673888085&vd=ct~0|rr~6&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: 13486102-892f-4f31-a504-bdf4ee6542be
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E3EA 2 KB
1 KB 95ms
95ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88b083f887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap6xaM5AwBZ7fwWwADSpCXBjN8wq0ZamTaqrevW0FdyLoRGUUcxqHgeiY6lKTgWdDFa4R39jyzmaOfasG98tJxKFUYSxVAAaT5Y5ea7guTx31uZG%2FpB3Z0%2FrbBvtDPVw8Zs77Vo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9668 2 KB
1 KB 84ms
84ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88b2852887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORCk8fvAuM%2B5DZTZ6PyWyAR%2BGZ69MtDFMwPtoBAUPTietKng8ED%2FUx5thWs5zWiDJGLaeyfV0V9vt8YID9U186pdxDhBqQOw0bM1aGzjSDySWswuHeR%2Ft4Oy6qXpD3dBykyZzWc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7E52 2 KB
1 KB 58ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88bb8c2887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqHbx5lpp7SqXiWGFYAzfamr0Hx0VXgklemqmPVrQIUiGfsNFiq4KYTKLEKWu4wrg5Hjx9X7QfqtbWG%2FIlEBi9jSOejBshmoYgwCXyOxeAJlSWfL%2BfFk%2Fc9ZOo3SGEk7yM5R0Lk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 182E 2 KB
1 KB 54ms
53ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88bc8c4887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qqv0zUJxNd0PXWHmAe4%2FyCEp6iSBl3e9JSKAtXTcKdsB%2B%2FZIGcXh8jws52Uui9%2FSoqnxsF7P6zfH4w2Oh2UeRhJq2B4NoB7frxC6g%2BqgZIR4kmxmwMzL2QSBD1GReDzs27bmcXM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame FB16 2 KB
1 KB 57ms
56ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88c091b887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdcaMQeVAd2hmMeSHXbpw7lQP8mLJXRsSCSSAqafIiz1Sph182UhQRT2wfTRI92QoizMQqX5rXCxX%2BODi6QYX29oh2Sccnif4NikHhYQw3kDgii1PYr3aux%2FtnEkOV7Vv4hF%2FJs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 30A5 2 KB
1 KB 53ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 132045
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7730d88c1920887f-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 03:06:18 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbBCFIG9Wyv1fJv8rkR8j95Fa3qzIC7ipOAEJ%2BMK2tHmcldZRMDITKl406CPYWQ%2Bp6fW%2FLsmCs6AMmmf%2Fb1aiUZpIdWZb9j4VtWoM9hpgVaJkdo8RoZVO13vwYd773r%2FRa1KQd4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 5C9F 43 B
163 B 269ms
53ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376958&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=2648126361552264938&rtbet=0&rtblt=638055471766019682&rtbnid=1743&rtbh=88a0182bd9cb7123f831679a58fa4e64c6f0cbdb&ts=1669950376958
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=zxkwnuxhs&e=1965574524929
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame F8AF 43 B
163 B 275ms
59ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376995&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=4665249809442381300&rtbet=0&rtblt=638055471767504366&rtbnid=1743&rtbh=4109bc22babef52b444b8a96470a51f4f408aa3f&ts=1669950376995
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame AC96 43 B
163 B 267ms
51ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376946&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=1120624953303071251&rtbet=0&rtblt=638055471766876988&rtbnid=1743&rtbh=fd2592c1452e6a42d00b02736e7b4709bc15e9aa&ts=1669950376946
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=vygrucsc&e=1965574524929
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 8653 43 B
163 B 260ms
53ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950376974&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=6452667043541964841&rtbet=0&rtblt=638055471767485862&rtbnid=1743&rtbh=2a5fba9ee011d75beb426efa38d77ff24c1b8c4b&ts=1669950376974
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame AD58 0
832 B 58ms
57ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ffriends.in.ua%2F&e=wqT_3QLKFvQXAUoLAAADANYABQEIqNelnAYQxMXFjIOb8IwIGJrg8Kii_5P1bio2CW66DP9BocQ_EeJPtP5-hrU_GQAAACCF68E_IZJClnGgFcE_KY-NQLyuX9A_MQAAAEDheoQ_MIrYrwo4mFBAmDlIAlDy8e69AViLspUBYABo_uCwAXj71wWAAQGKAQNVU0SSAQNFVVKYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCaXVmKCdhJywgNjgxMzk0MywgMCk7dWYoJ2knLCA3NzkwNTE1LCAwKTt1ZignZycsIDE5NTg2OTk1LCAwKTt1ZigncycsIDI4MDA1OTkwMSwgMCk7dWYoJ3InLCAzOTgxNzg1NDYFVfCLkgKBDyFFYUIyZWdqQTRJSWFFUEx4N3IwQkdBQWdpN0tWQVRBQ09BQkFBRWlZT1ZDSzJLOEtXQUJnVW1nQWNBQjRBSUFCQUlnQkFKQUJBWmdCQWFBQkNxZ0JDckFCQUxrQlFqYWtQYUZmMERfQkFVSTJwRDJoWDlBX3lRRUFBQUFBQUFEd1A5a0JBQUEFDnQ4RF9nQWJPXzJ3UDFBVDNjREQtWUFnQ2dBZ0cxQWcBIwRDOQkI2ERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdDQUF3R1lBd0dpQXc0STJfckhKaEFMR0FJdEEBQ-hMb0RDVVpTUVRFNk5UTXlNLUFEOGktQUJLU2oxUW1JQkoybTFRbVFCQUdZQkFHZ0JCU3FCTlVIQ1BfXxUCCHdFURUMFF9fX0FSagEHDQEMOEJJUA0LAQEId0VvAQcRAQhBVEQRCxRfX184Qk8yLAAERkEBFhEBBEFVNlgAAFU2LAAAWREoAQEEQVc2WAAAYTYsAAB3ASQRAQRBWDZYAAhnQUgRGwWUAGk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBTAH5DQEIOEJpOhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAARnQS4tAiEANhAAAGs6EAAAbToQAABvOhAAAHE6EAAAczoQAAB1OhAAAHc6EAAAeToQAAAwOhAAADI6EAAANDoQAAA2OhAAADg6EAAALToQAAhnQVQt_AEBIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBWAH5DQEhADYQAABrOhAAAG06EACYc2dRSkNMN3FFUkM2NGFJTnVnUVpDTzBJRWJnZWhldFJ1SjRfR1FBoX4FAQBJASw8Y0VFdUI2RjYxRzRual9KQgUaCQEUMkFRQThRLjEAkGdGeXltUUJmaVRVSmdGX2JfRmhRR3BCUnFHajRncGtlNF9zUVUBPSBncDRiaVA4RUYBDRBJS2VHNAFcAUscTURlUE80XzAJKAkBBE5rBSgBAcF88EBCZkRIQWZBRnM3LXJDZmdGOV9HZkE0SUdBMVZUUklnR0JKQUdBWmdHQUtFR21wbVptWm1aN1Qtb0JnU3lCaVFKQQFJCQEAUgkHBQEAWgUGCQEAaAkHAQE8QzRCZ28umgKZASFlaHFwST6FBzRJdXlsUUVnQUNnQU1acQVtWG1lMF9PZ2xHVWtFeE9qVXpNak5BOGk5FXkIOEQ5HXkAQh15BEJoOW0EOXABfwkBBEJ4CQgBAQxCNEFJLo0H9AUBOC7YAgDgApuFTuoCFmh0dHBzOi8vZnJpZW5kcy5pbi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuMzioBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA0gQONzMyMCNGUkExOjUzMjPaBAIIAeAEAfAE8vHuvQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW2IvoFBAgAEACQBgCYBgCiBg8xMDI2NCNGUkExOjUzMTi4BgDBBgk1KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQj4k1ASgAFZeFJfWFZvIVTgREFBa0NCUUVJXzl1SkNCRGRrT0lDR08tRm5RTWdCeWdBUU9QbjFBZEkzSURZQjFEeUwxakdLWEVBAT0FAQxIZ0FnIjAJDEFBQUkacAksSm9CQWdnQXFBRUFzLiAAPEEuLoAHAYgHAKAHAboHDwgFoEQgADAAOLoGQADIB_vXBdIHDQkJwAQ0QAG-CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=d5f4580c9fedee9af6fd86b20c5ebe3970daec7c&type=pv&jm=1003&px=0&py=0&bw=300&bh=600&sf=0.8&sid=4873359461673888085&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21752842&cid=3&cr=nv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:18 GMT
AN-X-Request-Uuid: ee2801d6-9fe5-4cae-83e0-8685766cd8f8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://sholke.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame B4F1 43 B
163 B 326ms
63ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950377010&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=1408047737329708751&rtbet=0&rtblt=638055471767674490&rtbnid=1743&rtbh=e0e6dfaac34cc5f88f3b9d5a465c5ac6345d7e35&ts=1669950377010
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=mtpwcn&e=1965574524929
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame E770 1 KB
1 KB 94ms
90ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c6da7d2c1b3f54a0b6b70e706fddd7fac5dcebb28dc4b4b3eaef6d1f8d3637

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg1gOPPr%2BHyQO%2FQaX%2Fk62iGVKXrZhHalMsU%2FSDRtSuVO190mTx5ezqZK1pnxscwF1Mmbuu2g8kQx4CFHBEMTghxtNFafshPRzp9elW4yZERWpsptijcD27pn2EBJc3CMtbv4RLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d7a6e72ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 125ms
78ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1c72ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4zlZXl10IDrqNL2cNvpIzw3XMaXa0ad4MfeXJjezrchGwD3ITVnhO0%2Bgb5SEJLKxROjkdyRhm8x51%2BxrO%2BIFRdnJQ%2Bj9HAdLQQsHphizYc44NPv%2FP23JUXXM%2B%2FGP6RE7bJd6yY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

POST
H3 200 rs Show response
ad4m.at/ Frame DFFB 1 KB
1 KB 102ms
95ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7650d92891f78ed522c5551444dd32ee65d9abc9da25d3b2a3ec079e2bae3c

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mMmVksjDHzCKfN7ZE%2BEPIX6iN847pV1%2FbC7OYFiouLIqaSTRJwqmxkVrYus6aj8KV7ezzLwPtJGIYFVgdM8TRlS730d7rbIVDTr8JnmwhXglE4KpGOGW4a9shrIo%2FGVnFpG7ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d7a6c72ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 120ms
75ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1d72ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hepvjCm3MRm3CmNkDVsJ9YNg1SlhFZwQ1L67TxSRV0ZCIMMIBkXKMebphpnRxvF8LSMP3MO06bo5p2j3N%2BEEmKNT8DX9%2BTcEXa6XoJ1wo%2B74Jo0ZDPVim9WvAanwWI8D1Zy9CIQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

POST
H3 200 rs Show response
ad4m.at/ Frame C811 1 KB
1 KB 99ms
93ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e641dde8d7e6695dd34925b9777784c31994054729a217a358c7aafd407151

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HECfuZNQncEJLyrjICi%2BfwoqsIlUaxn7jtcMzHIgQGDIGJE%2B7ZxjWQfL8wHTv7887WiDwD03w0r7GUqWosiwvv0i%2B0An%2FrjFiu8SH%2BEAwTf%2Bs7%2BC6l%2F1T2%2BQjMo28uKz6nTf6YU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d7a7472ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 126ms
81ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1972ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwzLsAQxNmOLOvITC0x3kfeQ85pv9qSFliMXftyAUcJkN8GjGZ2mbpsJzSkUKJYsyuSWdi06M69l8bNJjmtbxXxDSWT5b8DV1MMUVWMUu54NfsuY20nxvmk9i9NlD0dazMuySDQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame D9C4 1 KB
1 KB 98ms
93ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979899ff0e0d7252b21e06101a094d9a1f26d738a4ef10b2b0d288144ca0444

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C47X6J01Ah0SvIlydYt69jVFwKgMYQlkGYf%2FQUCYj5iFxUUz%2BhUSWwose8G%2FAxFhcFK0dty%2FUevBg9c6JypsIwb3z6%2BHx0LA5piqTPOyuwSAfa15oRF%2FvG%2F0xlm2fuQzF%2FZaikQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d7a7372ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 123ms
80ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1a72ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qzTkz7n9hajBkwOpZaUcOTwppWsExUWGS3fTaxgQL3Hyzff4DTyna4vwmORCBJ0gTBW2psqkiIKCBThput%2BnL0kyfyUycUjL8ksK4%2Fgn%2BC6p%2F5qn2AIfTzsGQp1g5%2FJPSX2GHU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame 1070 1 KB
1 KB 104ms
96ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f8275cbf4e7c804ad0f9bff131ac159811afe0c5405e965b1b3c8c1f2de945

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bh2jwFRqISspM23BWNRYzpxRjisUpfu6FXLVYZITDaMz08cbQO3RdSYbC26TaX%2BomzV%2F4c2qbTdCwXfFT4vUlQC1IyWWgcp%2FF%2FHCDlMgFWauUFfQ0gACIOGqV3cw7jz5e9MA%2B%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d6a6a72ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 111ms
69ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1772ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J22cEvR1C5zaMSVWaWTAOblJSqlaa%2FVzvzhvyONbSy2vr9qxOGttPGQg9GAX7nj%2FHZBWDq50c0z48nFuFi0wZm9Xfg%2FBiiJRxJkrSezdV%2BovpLBX8%2Fiz5VM3gOiDL4ULElKDGHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

POST
H3 200 rs Show response
ad4m.at/ Frame F8CB 1 KB
1 KB 80ms
71ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62298b3c0bebba797fe5720908a0e0dd1f83367e44403041cc0d992c2e722bc3

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7XHeMeXHjNao8rwNSPMylwTcz%2B114fH3MAyCd5H%2B1zPeh4AbG2u5slPBPcoEMRjQt%2FJmRDgOwtDPMMAyPQBAe%2BjodTLkQaBtqkHpR%2BPootsNcc74qUkLUiG4wObt5bL2k9Buas%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d5a6172ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame BCE1 1 KB
1 KB 91ms
84ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b501542cfbefe3c6690454ceeb1a625dce5d1dac9c075f79e5e31bded6cb1937

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IASeUyQaEGjAuiFz1CBo3FF5xT4zECVwHPJwHl15iqbKpQPE18C5x5jDVMSKb392TzLlCHz4tZHec89fauOrJRwDQoQRyW7cOtX64hoUhvSDSOQBhxAZd66vIrlg%2FiOndDEVks%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d6a6b72ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame ADAA 43 B
163 B 228ms
62ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1669950377099&pid=1388206&iid=9361164&fmtid=87205&cid=0&key=viewcount&rtb=1&rtbbid=4578350183099338342&rtbet=0&rtblt=638055471768265822&rtbnid=1743&rtbh=934a951aa39c864c705cb5a35f7191b93563a59a&ts=1669950377099
Requested by: Host: sholke.com
URL: https://sholke.com/r/p.html?f=xlgcilhn&e=1965574524929
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:18 GMT
transfer-encoding: chunked
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 85ms
66ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1872ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4FXi6v7ko0LLMwgFRmg9P1shT356unR5dAAhwiD%2FycokJirKW3dHpj0bJ%2F224dcGfSRTybgwWFdjAXVe05R%2F4J6s7cBv3CAXjM1p4q5fpc9rAmFFkaWSVOPK5XfytRLAHwze3w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 93ms
73ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1e72ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upoBBTzkjHeXY11xS49h2OjRZokxzbHE2IZylJNV%2BsUzSWfgmjn5hz1G6RW91B90VY1NVqloOFx8vVfX7feQpRPReHW%2B74ICHY22j8jtU4omTJ6yfqRqjccjyoHcgzB8PnmPoNU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D051 0
0 104ms
104ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3477844337653359&bg=!zM-lz4vNAAbvMpMzzzI7ACkAdvg8WkWiI8FAcZXLlY0c_O4HqxKfLkgKHajwLducR9QAfAb00tC76gIAAACuUgAAAANoAQeZAtLaGH_CDZsU2FL586BaLCwdTtCi37O5sw_lU-zKLY8DXc8s9k9eTM1tnw3W3hPEtANdY3F5HUDKn11pfUq5RErAwWyl4oOLQ5r_lQjJLqk6nC3D5D-a02IIKE0Xew1divUe8eMSE-zRI4CTAD90PqQbFO_TBimoyuEM0fqyMl5eUjic05jXehsa5gPjMeNCrjcZdMPYMoGfcCH5OCh0Q5v5bN-HKoF29wc924cbQ1PHYkHyozf8Eb5zYVAtKhEdKAR2KSrCAyIXjW-hatH_dO4csrAmM8SrEQeY3CRkm3yjM0fx7FOTi7Uyw2UGKgOHV1P2Pk0dYx8nfCT37ajypvvtB0vSxAukaxKdLrN25DXMChXS9aSWQBcYL29RZtCd8A8BDTQIw5Ofdih9fjES5mBO_YZQx1em_VmhT0jFdLDIGzDfNxj06X_KJjXOlMbRH4TW_F0vcu-XU8J3QKvicoSdXwYzZ9E4OA3Up-3v4MR_2hKnyAUtO27tdHdntW2aVjcwOAv-8KFV7_5htDMPTmUiDOMuxHPXr7TDlLjxbPt9YOfrgsYRdrUYHavUyw1NcdCrmw68m_Znn4W0aihkE3STRB1AKAk9WvYbWT3ErYTLIknINYYwWPG7LWAdzUN-fLRppMoIqo0vK6ihRQMUItCDDG1ISZ2gWIQhCa66J479p8-qZBCZkjmP3_XOSicTY1QmPHTW1oCv1m5NqMEjljYI_PvsR797jrkILfR8gr9cJddcxejwnxaCR24DShsvS--vs50W6vgrQgso8J_CHHRdPZ-xOKXSzmJm7D13EIv116Y0nX7u4RMxleeolv3VdXQgGX5zw2eReoG4CMwpROsjzf0wwEhBog7-0Dw0fi0IRidLiP5tJ9cdSAjh7KqcdcEDiB7XnR-6Li3veH0pwQfruChtTGph1ioL8zZBqJI66aZGZzqYjBuDXP2OsxAXPvl9yg
Requested by: Host: friends.in.ua
URL: https://friends.in.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 200 rs Show response
ad4m.at/ Frame A069 1 KB
1 KB 136ms
133ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c3c5b8c4015ae50c8b6e0feab18c737d7440f5b3384cbb8e979f265b87e9667

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRrBtIhHvSJz8%2F3ewCP8OhZJx%2Fvp8psOynCNscZHcpaNNzpUJdUyOP1uPtfXjDkQqpr2b7TyJbcSCCM3fWEK0jp5Cen5mksKxtUtDXjm0jQ2K7alqPAdjuBhyUhjr0vaZkfn350%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d7a7172ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 94ms
79ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea1b72ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPCyVMsMfoZKjhvgenTKq1Hnxl2vZglfDCcV5l%2BYPZ767IVR6U6TGd64IZn1RfTvC33MvDQyJO8gthGzimz2W%2FLDH1yP13i4s%2FJB1YxOggyFPkB2aWxJrEylpM3Fh93047l2V%2BE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame 2AB9 1 KB
1 KB 84ms
76ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f9e55423a6e74d0fc05bdf28b1010e51fc3ce420d47a4a096a7e7a12dd4f75

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrythKEwfN1yI1rIucuOk2W9kw6F%2BStY%2FgScRKa2F2K1uQavb3%2BZZH3hJebB6MTPTi7odOGuAO3%2Bb1bGnbwh7tlUOOoZzRgWiYCD0ydIULKjdcEicZoHyS3FeW7Jq6StzJnORaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://sholke.com
access-control-allow-credentials: true
cf-ray: 7730d88d6a6772ba-LHR
x-backend-server: aa-reachservice-group-europe-west1-ktgt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 77ms
66ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sholke.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://sholke.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7730d88cea2072ba-LHR
content-length: 24
content-type: text/plain
date: Fri, 02 Dec 2022 03:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTbzQ3TE6J0LLhmgrTPJ%2BtONbhQ4ICXqig19A6Yjxk%2FC5uKPySadHRCAdm%2FScFZ1PoGsEP04Bqeqzl6qqTRN%2B3EGfD11sLuYWQkpBLjGQ%2FAROsNfQaAqU4h5ayVRCMb5yR2BmTQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-ktgt

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7507 0
744 B 61ms
61ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=1986887&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=1986887

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:19 GMT
AN-X-Request-Uuid: cf436eaf-c151-4fe9-96cd-5bc6144d4f3d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 99ms
98ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6dcba35ce9dc1f66fa87185f1886cd8ae8b236d2618fb28f65ba96479cd9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11119
x-xss-protection: 0

GET
H2 204 stats
x01.aidata.io/ Frame 7B45 0
40 B 102ms
99ms Image
text/plain 89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/stats?pixel=VIBOOM&v=1669950375400&url=https%3A%2F%2Ffriends.in.ua%2F&is_js_referrer=1&origin_referrer=&pid=VIBOOM&js=1&sid=939567fc4818438ea58e668371c0069a&__upin=ERjBqPFO/Ml2WZymwihJGQ&id=9a55578d4f950aacbea7b1d918835f8a&url=https%3A%2F%2Ffriends.in.ua%2F&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
server: nginx

GET
H2

204

0.gif
x01.aidata.io/ Frame 7B45
Redirect Chain

https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

92ms
92ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:19 GMT
last-modified: Fri, 02 Dec 2022 03:06:18 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 02 Dec 2022 03:06:18 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Fri, 02 Dec 2022 03:06:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 pixel.js
x01.aidata.io/ Frame 7B45 21 KB
21 KB 103ms
100ms Image
application/javascript 89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&url=https%3A%2F%2Ffriends.in.ua%2F&v=1669950379109&is_js_referrer=1&es_name=GA&es_uid=1554725003.1669950374
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 03:06:18 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 02 Dec 2022 03:06:18 GMT

GET
H2 200 pixel.js
x01.aidata.io/ Frame 7B45 21 KB
21 KB 186ms
183ms Image
application/javascript 89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/pixel.js?pixel=VIBOOM&id=9a55578d4f950aacbea7b1d918835f8a&url=https%3A%2F%2Ffriends.in.ua%2F&v=1669950379109&is_js_referrer=1&es_name=YM&es_uid=1669950375958593397
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 03:06:18 GMT
server: nginx
access-control-allow-methods: GET, POST
content-type: application/javascript
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 02 Dec 2022 03:06:18 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8277 15 KB
6 KB 244ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 805140
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame D051 89 KB
29 KB 195ms
60ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:19 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 758F 2 KB
2 KB 113ms
74ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa8d0f708854fa8176787962412fd62da9f35b52e2df11209f5fd946663ce895

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e6c8c06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 8DC4 2 KB
3 KB 100ms
73ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4a2b60b546fb7631a59b8e6edcab335bd6de1f6bf23ca42c21da40564bd085

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e6c8e06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame EE2A 2 KB
2 KB 81ms
73ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

999808e0c710f238290331d80dec5f1a2828dc0ec5b6e7fa52441b123ca2678d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e6c8f06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 6E3F 2 KB
2 KB 76ms
75ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46663c08dc42f22f8418baf4c0046629db113c619713a4d8db2500bb575ce392

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e6c8b06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame F334 2 KB
2 KB 73ms
72ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

442284eabbe832cc0149146779708e568a120a7099e5c3b21fb73af61749b1d7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e7c9a06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 167E 2 KB
2 KB 76ms
74ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47f0acbfac22ba56e7f163f70ee3d00e7eed490969b683d6a5dbd7adaba1e10

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88e8caa06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame BA82 2 KB
2 KB 76ms
75ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c83e5555864a994bbfdff51901ff7da42c694568af8d38c3a96301b659a965

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88eacb806d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Dec 2022 03:06:19 GMT

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame D051 95 B
223 B 205ms
64ms Image
image/png 157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Ffriends.in.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/png
date: Fri, 02 Dec 2022 03:06:19 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 6384 2 KB
2 KB 74ms
71ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f39147206a051246d91727ceaca78422a4b65e6732c8e2441e508bab1a5a812

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88ecccd06d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame BA03 2 KB
2 KB 73ms
70ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cc6d9db3528249fa7ad50508a34b0b744a4211e4520089c751803b380c347f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7730d88eccd206d1-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 8DC4 89 KB
11 KB 61ms
56ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJSV4cKQ0%2FbJsbviLvTTVA43uc9gJJ9Wv4Xg%2BfanpWNedXtCQ89HwemZtTcxlKbkMpmDP%2BqSfFCVQigckVclsIAgMu6KFr6F2CC3cLt4VzClFAVJIBXgnlJVO7PsGTuz%2B8aQrGM2O3Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f0be2887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame 8DC4 0
500 B 257ms
57ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAB_C56872:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame 8DC4 2 KB
2 KB 653ms
454ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=1be2c977aaa3f58f98c92491b290960a%2F2969712775557992297&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379124&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 74ebb114f46025f4c0986580d59f9313b9d932abe8755aeddf35f6ecb3a01d2f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAB_C4E1AE:21AB0
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n2
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame EE2A 89 KB
11 KB 57ms
53ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjbwKI8scQiDeYCuyN9r0ruIjo4lnRB7KoFOWlHOLSI%2BaDr4BwrNXDVPPkK723woV0p9ioMI%2BOJHJToPMWuPjV%2Boi3YHtwRtB07vv%2BxG64hJNTUGaOsvWLphb7sqb49rzQ%2Bwc27q1P8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f1bec887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame EE2A 0
500 B 247ms
58ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAB_C532EB:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame EE2A 2 KB
2 KB 469ms
280ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=316d8c2c0f9401fb59aec95496b2d31e%2F16028934218110961411&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379128&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f7e830ead0183c0cb0cb00ee80f0168123b5b233a5e24556692904127d3afe8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAB_C56873:21AAE
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n3
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 758F 89 KB
11 KB 83ms
82ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CH%2B4GPtDFCGEFK%2BXq7UishBcruVHzDGeSgN7A4N03q2gCRkKR12BnCbm%2FEopf0B00u91IK520efH%2FAFy%2BS6r4fr8eKwRuZyzHqr6cc%2FwAgoOAwzzQ550omQsG2K9iwM%2Bm03Xg8EAb3c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f2c01887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame 758F 0
500 B 238ms
58ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAB_C4E1AF:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame 758F 2 KB
2 KB 545ms
356ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=da6c4781dd6acf51214f07a04ee5235e%2F561703368391241008&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379121&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a695b09d12dc140f99887cd23d333b5fdf0682b1f44557273a486d2c7c16aa72

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAB_C4E1B0:21AB0
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n3
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 6E3F 89 KB
11 KB 70ms
70ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHvwXKR4a5RhU8PpUvdIjD2EU0QZ4%2BVDGKY%2FZYOqQi4k8WrSY5rMD1AIsesykJRFQCIBCxBmN7Jv6qeTDChJoJx2DdcR5TDjTFm30UsUL9FIEG%2FK9qi365ksmpUso%2B%2FeMtWEGKCN6%2Fg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f3c16887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame 6E3F 0
500 B 280ms
56ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAB_C56874:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame 6E3F 2 KB
2 KB 556ms
333ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=53d74e330441253f0391477857992b7e%2F13913970616444599020&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379130&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b39089f86c5a91e4ace07afe8c1b939c3c4b4cd43e7d2c0c8f84fd3e244436d1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAB_C532EC:21AAF
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n3
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame F334 89 KB
11 KB 63ms
63ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsw%2FW%2FHZxUc9UxFm2AkeyIA4XRUjiCgu4SFiMh6kZDho11ktBEtWZxos1E5X0WKtKnB8szmUdxBwFdagZy7XUenEuYm3lR1tHRMIuJlRBpI739p5mmMFTBgNtT3Rvyyuqu2wT4Cj48M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f4c28887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame F334 0
500 B 272ms
58ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAB_C4E1B1:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame F334 2 KB
2 KB 566ms
296ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=db6ebf9c73bcd0130da5edc1224cc801%2F14094637955215982565&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8b28a6c0486f3ec6e7ce50318a8f548bac97f197586712ee6ecdabc18424d0dc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAB_C56875:21AAE
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n3
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 167E 89 KB
11 KB 58ms
55ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fihUwZMq%2Fa5PQJVobaV1rG74rjTyqSaiE5iwn0nFq4UBm5p%2B54cSTPfrV8JZyEXJDBbuP9BxXOddplg3IOamH22TpOtjujpGON5fhSKT%2Fh7IDDIzZY76LZE5Y1ZkHLdTsIA06R6NwTE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f6c44887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame 167E 0
500 B 342ms
82ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAB_C4E1B2:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame 167E 2 KB
2 KB 587ms
243ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=663187f0122faacc41e82cc911c1edf2%2F3097570911165648593&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379131&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 12dbd0e6de6f91fce74cfcb3eee8e3468c94ae49a0424b495f41fcbb5452d84a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAB_C4E1B3:21AB0
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n1
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame BA82 89 KB
11 KB 73ms
72ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RSOA8dhpjgW9AMzE5NldW%2BlxDL6c%2BpNfrhyHp4so9ntP9jmf9ZyWqCTAE7ElWY2qsZLYPdCISzRaatidedjULOcnHvMh0U57CuxzoUGL76TbKrQdg87hO1OpZlVm%2B%2FPdSx5hduzFpM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f7c5a887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame BA82 0
500 B 461ms
56ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:19 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAB_C56876:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame BA82 2 KB
2 KB 774ms
283ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=ccdd13037c8393181b79905ede7f76fc%2F5024791005212309553&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379132&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 62a90d8e9e32738ac8556ab3ac318e8e4756d3439024901b0292adad1780a53c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:20 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAB_C4E1B4:21AB0
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n3
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 6384 89 KB
11 KB 63ms
61ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PNePEOy1lQetgzoMzzaFOSyORwuhVsDSSZLNiIBPyE1c1fsdnDTEx%2B4wvp5F2IfjLmJyJAf8OWLP06B8w0SPlbM0Q5kSk6N0VDp06fXX9V3znos59MGmNNlZ2ePywgmihbrcfMTD0g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f8c6a887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame 6384 0
500 B 847ms
82ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:20 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAC_C4E1B7:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame 6384 2 KB
2 KB 1009ms
239ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=6ffaf0f53cc69a5ec4d3fd194d6618b4%2F11855803503469576366&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379133&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fb335728f8fce433087e47181a2037351faf9ecaafbb13e827cd4df8a691a84e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:20 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAC_C532EF:21AAF
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n1
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame BA03 89 KB
11 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 39226
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK1T2pSp6m%2BEuQGtGQQwz3c0Heoj0glHXGl6CTiIXQhnp2tF16AOJVy8azVjU5HASeE6zHVSw8LtQpVeZRtFzWreR47f0036VvDMvMcJdggftdqXSz4%2Bj9SsMvcKyVUJlNzH8cK4T74%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 7730d88f9c76887f-LHR
expires: Fri, 02 Dec 2022 04:06:19 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/epv/ Frame BA03 0
485 B 829ms
61ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/epv/b94b7a94526c275d4ccbe07dc4f031d6?t=htlp&subid=oneidZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672oneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:20 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAC_C4E1B8:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 0

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6 Show response
mediaintelligence.de/trck/ehtml/ Frame BA03 2 KB
2 KB 1116ms
333ms Script
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321881&b=ZxwtwfBfG42EtmHKt5u3tV1Vka6SXTQXBa2672&f=9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEe&c=300&d=600&e=&g=803424a564a0c8299f5b967855b51963%2F4747129119722439925&i=111279&j=39&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1669950379136&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81
Resource Hash: 568d7d013e4ed656e5aaf5a307f05ccbf8c8d988475e881430c939822de1a88a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:20 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAC_C5687C:21AAE
X-Powered-By: PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81
X-IPLB-Instance: 37714
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Min-LB: n4
Keep-Alive: timeout=20
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E7B8 13 KB
5 KB 57ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 20:19:31 GMT
expires: Fri, 01 Dec 2023 20:19:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3255 783 B
535 B 195ms
69ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42dfe980f39c2fa9c3305ff3651e283f7bc3d5fa70aae11eb43eb309b7b0b2a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tL3FSM6lkCXd2MJhgjZ5hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://friends.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-tL3FSM6lkCXd2MJhgjZ5hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:19 GMT
expires: Fri, 02 Dec 2022 03:06:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8277
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=friends.in.ua&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Sws-Ynw4M2paMXo4ZUVDWXFBSElKYW1QVUlhT1NoeDBlVW9GMEFYSUFnOUJzcm5HaCtOcDRaYlhIQkIxNjRkQ0dUZVhTUnBnMDNjakY4TUtCSnZoMnZWNVRpbFgwSFFxbUJ3MVg0Tm8yTGxBQ0xMVlI0bjI3U0YyZlVaVU...

433 B
654 B

229ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Sws-Ynw4M2paMXo4ZUVDWXFBSElKYW1QVUlhT1NoeDBlVW9GMEFYSUFnOUJzcm5HaCtOcDRaYlhIQkIxNjRkQ0dUZVhTUnBnMDNjakY4TUtCSnZoMnZWNVRpbFgwSFFxbUJ3MVg0Tm8yTGxBQ0xMVlI0bjI3U0YyZlVaVU5uQ0llVkdVQU9nZjI5NDhPQnVFYmxnaklhT0NIanJtZDNCNWtTT3cyMElIN09BdXY1MnJLdzROSkM2UlBVNVdWSHI3dVVmRHVZUlFYaUdGdkUwK1NxeEw1V0FpZHExaDc5d0Z1WlBGUlJOdGpkU1ZhWjY0dHczQTZzb2w4VXo0VFpEWlV1aWQrTFRGaVNJTkhCb1ZVbXZ4VDN1SVFzdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8fef6c7728b57a1d5ab79290a1d0eeca78ddb972d5904917014ca8804f828f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2066508
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Sws-Ynw4M2paMXo4ZUVDWXFBSElKYW1QVUlhT1NoeDBlVW9GMEFYSUFnOUJzcm5HaCtOcDRaYlhIQkIxNjRkQ0dUZVhTUnBnMDNjakY4TUtCSnZoMnZWNVRpbFgwSFFxbUJ3MVg0Tm8yTGxBQ0xMVlI0bjI3U0YyZlVaVU5uQ0llVkdVQU9nZjI5NDhPQnVFYmxnaklhT0NIanJtZDNCNWtTT3cyMElIN09BdXY1MnJLdzROSkM2UlBVNVdWSHI3dVVmRHVZUlFYaUdGdkUwK1NxeEw1V0FpZHExaDc5d0Z1WlBGUlJOdGpkU1ZhWjY0dHczQTZzb2w4VXo0VFpEWlV1aWQrTFRGaVNJTkhCb1ZVbXZ4VDN1SVFzdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 662470
content-length: 0
expires: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame E7B8 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 19:32:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3255 0
0 93ms
91ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=269038751741260&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E7B8 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w0D7Fg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EB1F 52 KB
17 KB 67ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame 0F1D 10 KB
10 KB 353ms
299ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e7f92a27f7ad39ce1008cfaab2cb20ff2cc79314cd0fbc94952741e35d32a373

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAB_C56877:21AAE
X-Min-LB: n3

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3156 52 KB
17 KB 67ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 15C0 52 KB
17 KB 61ms
60ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EB1F 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:19 GMT
AN-X-Request-Uuid: 5c69cfa6-b8d3-4a10-af2a-5cb3d327c4f5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6712 52 KB
17 KB 67ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3156 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:19 GMT
AN-X-Request-Uuid: 6837efff-9a93-452c-ab07-3996ad976861
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame CAB4 10 KB
10 KB 275ms
262ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0be21eecf298f76f0150a10f8197b1aa93fcb5ff114577aff0c6231e5c972e4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAB_C532ED:21AAF
X-Min-LB: n3

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 15C0 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:19 GMT
AN-X-Request-Uuid: e1a6c52f-708b-4557-adb0-efb6d22c8c62
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D55B 52 KB
17 KB 77ms
77ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame CE47 10 KB
10 KB 272ms
264ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: eef1e87a90a2a3a05465a552f948571869322806a434af522b5392bc94ba57b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAB_C56879:21AAE
X-Min-LB: n3

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 56F9 52 KB
17 KB 70ms
70ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6712 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:19 GMT
AN-X-Request-Uuid: b6de0320-7fb7-4028-adf8-2d42833f8c8f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BBC9 52 KB
17 KB 67ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:19 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:21 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame F8A8 10 KB
10 KB 230ms
215ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5348ec191818bec0f4d0d58f387d0e90b5deb79ced308c39ad7a60317cd95d5c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAC_C4E1B5:21AB0
X-Min-LB: n1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AF2A 52 KB
17 KB 57ms
57ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame 3DF6 10 KB
10 KB 249ms
248ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81
Resource Hash: c0ec2f990fddecd9804e96e022c258e6ec3960a6d47144df58bcb83f0a3cbd7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAC_C4E1B6:21AB0
X-Min-LB: n4
X-Powered-By: PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame FE4C 10 KB
10 KB 458ms
292ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fdd997b8d0a45a366bafcb635743428f7cfcf77f031f6a89fc5c8b190169b8d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAC_C5687B:21AAE
X-Min-LB: n2

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0953 52 KB
17 KB 71ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 587B 52 KB
17 KB 76ms
66ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D55B 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: 305628b1-7f24-4e87-a0af-7058d80eeea9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 90BA 52 KB
17 KB 67ms
66ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 56F9 0
744 B 58ms
58ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: ebaca482-3de7-430d-95c7-68352a1ddadc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AF2A 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: 6d0eb940-4db8-4f9e-9d45-bd6574f5484d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F603 52 KB
17 KB 68ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BBC9 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: a247d40e-8a6d-41fd-b190-51a235944f15
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4E44 52 KB
17 KB 71ms
68ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EC0B 52 KB
17 KB 68ms
67ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 02 Dec 2022 03:06:20 GMT
ETag: "623de86a-cf34"
Expires: Sat, 03 Dec 2022 03:06:22 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0953 0
744 B 58ms
58ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: b3f68189-bcdc-4f25-beaa-f6f42e314d58
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 587B 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: 0dd56da3-33fb-4702-aa3b-e77ff6cdcc36
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 90BA 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: 9be46026-cdda-4857-bd50-936f6b8d764b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame 0F1D 58 KB
58 KB 216ms
57ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bab1627363b82c8ecc9&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: 85c45cee9b4f8d8d287c0911094cdacc9cf64fbd1c7f163415d7b5706b61a1bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F603 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: c8b20b51-1aa6-419e-8f59-b77f306b12e3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame CAB4 58 KB
59 KB 187ms
54ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: abfcb01141c43c34a551f34901fe76e4f84dcfba3d998098142ad14264e3fc7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E44 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: f199b3a3-7e6f-40a2-b5ba-b3ecdbb2602a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 103 KB
41 KB 357ms
218ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002763

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame F8A8 58 KB
58 KB 172ms
55ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: b147907747673ed17920d157551394a7b0f9825874bf09a5e6baf552e50c4a33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC0B 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:20 GMT
AN-X-Request-Uuid: b5a29fa7-22e1-43bc-a102-10983a59f2fe
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame 7856 10 KB
10 KB 331ms
330ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81
Resource Hash: dbf4d7abfc0934fa3c0e37a2c5136d3fa428fd4be4c9502d68eb04def3db9bd0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAC_C4E1B9:21AB0
X-Min-LB: n4
X-Powered-By: PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame CE47 58 KB
58 KB 160ms
56ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: e379a2d041fb3a6209377c16290698752facddde5ddf527a75dc8a56afd4a82e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 103 KB
41 KB 333ms
231ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002764

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame 3DF6 58 KB
58 KB 135ms
57ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: f9d4b9988ba256c2bd4b37ca52857f847e68d79f17493869897579d4a982e433

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 103 KB
41 KB 197ms
109ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002765

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 103 KB
41 KB 249ms
163ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002766

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 103 KB
41 KB 343ms
273ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002767

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
95ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=269038751741260&bg=!JySlJGDNAAbvMpMzzzI7ACkAdvg8WqxFj6qeMQDXhyc5ii7uNoalgmhkTvlsYovoPrEpg9eJ30asfQIAAAClUgAAAAZoAQcKABBUMvn0RdHVvEDYl7UODM-2mQKnMQKVnyC0cNrepsaM2_3KJw0aEdHi13qtNpVruzdJeRN-Eui0I0IGR6v9j_cp9zDUd8f1E9q0AYZsHcX-0KY5vYDvyDcf7WU_Ge6hGs0Uk3yew_Hf_pjZcyyLNrRSZFbNksGycChdwi81KcDa5t4TxmK1LuNLo0CCIIciIvEjI6uFfOvVA5QtASRyY2I3VXeeDfkjwvVKSKUNqtc3Oydnbei9q0qoQSBiezmAQS0KZlnorTF3pM6CNAAtX3urom44EZXjvCxCqvroftJtPkG0CzIyjo4-EMmy7PBM1Ivl9oPbKhrtcNJGc0jIJYEQoYmXhYDQ--PhkPYDZwJKLBnx-CA5X8WBo76g0WpekoS6pnoq8tc9dpx7BuVbrxH8IEkmh-SH4UCT1eJDb_1vPxqVK_4gJmWOvyCiS8vwrm8qitVo-Ra0b-SQhpOxFJKVfkzQO-_PxlNy9d6ajyI4Cvf0JV3SwlvTgrX8rM0PByuBriINv6Y-GpI4qAFDIy7pu4ltbuo-jXCVeDaMGuyCGuwqCZ-Hbgw_-o-McKWSNI3c0O-1gzzcp6DQ2qKs7AugaU272OeEX-eTIQMzYY2zeLNaPKfAKm0RmbLBQhKCIrTaCvLXPmviH4L5vVwkF3Chhx-yTt1NZ7tpHzT0sMYAxxI4OoEQZAKtWdHDu3xZPJBmgkACiaOlsQZ9cU_efFhcE6IOfp-YAf3uy64ev49I7kQubs7TT6i9mt3DKwY4oP3IK8cNNSd8D8-Qtux1tdOMcJHGE8GdS0cVBFHGLNnfYTIAddR7aEd7RT50vXimqGsXid60qfpHev8s4CVOoyVVTTMabFPPFXSJjjmezIf_c4cucDyWyiKlfSIx1lklbbooVJ4LqP4Wk7wjaU2NgTlUIawlpEXm20QAhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://friends.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame 2EFC 10 KB
10 KB 284ms
283ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81
Resource Hash: 00caed03f7da2eca64c51bfcbe0d41e2cabe4a6f555b6b94b73386a6120367ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAC_C532F1:21AAF
X-Min-LB: n4
X-Powered-By: PHP/7.2.34-28+0~20211119.67+debian11~1.gbpf24e81

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame FE4C 58 KB
58 KB 152ms
150ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: 068f7a5fdfe9a914fe5b39aed0b11e2a54a02462dea2484184ea4ca0ea0178a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 103 KB
41 KB 158ms
158ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002768

POST
H2 200 /
track.adform.net/serving/unload/ Frame DFFB 35 B
465 B 72ms
72ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,3857404985629630782,100|1002|0|0|0|0|0|0|0||94|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK b94b7a94526c275d4ccbe07dc4f031d6.htm Show response
mediaintelligence.de/trck/ehtmlcontent/ Frame 0B96 10 KB
10 KB 373ms
372ms Document
text/html 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtml/b94b7a94526c275d4ccbe07dc4f031d6?ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D&subid=oneid9j4sMfmf7zWgfKHgtQuzC8P8GU9SmTzEMCepEeoneid__adfPros&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: af979fb22443f5e45d9e166bbc7a049202c7a8c7c9b5e5b0323a80a7d0e3bc16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 03:06:20 GMT
Keep-Alive: timeout=20
Server: nginx
Transfer-Encoding: chunked
X-IPLB-Instance: 37714
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAC_C5687D:21AAE
X-Min-LB: n2

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 24 KB
24 KB 62ms
50ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
2 KB 65ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 20 KB
20 KB 63ms
53ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
2 KB 64ms
53ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 21 KB
21 KB 65ms
54ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
2 KB 65ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 3 KB
4 KB 64ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 47 KB
48 KB 75ms
66ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 969 B
1 KB 75ms
67ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 3 KB
3 KB 76ms
67ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 1 KB
1 KB 73ms
65ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
2 KB 77ms
69ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
2 KB 78ms
70ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 945 B
1 KB 102ms
94ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 6D53 2 KB
3 KB 102ms
95ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%3Bcrtbdata%3DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1070 35 B
465 B 74ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,6496114435056239046,100|1051|0|0|0|0|0|0|0||99|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame 7856 58 KB
58 KB 64ms
55ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: ee8c7a171fae56ccd6fa2c4795beeca609c1845bc5d70cc77c9040be096abbbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame D9C4 35 B
465 B 73ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,4592672160995560977,100|1074|0|0|0|0|0|0|0||101|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E770 35 B
465 B 74ms
73ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7265687980519397772,100|1075|0|0|0|0|0|0|0||101|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C811 35 B
465 B 73ms
72ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,6365695654102705715,94|1069|0|0|0|0|0|0|0||94|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BCE1 35 B
465 B 72ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7939873898890200094,100|1083|0|0|0|0|0|0|0||102|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A069 35 B
465 B 73ms
73ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7115691116402738163,53|1170|0|0|0|0|0|0|0||58|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2AB9 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,2597617558834715331,67|1171|0|0|0|0|0|0|0||73|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 103 KB
41 KB 63ms
63ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:20 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002784

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 24 KB
24 KB 56ms
54ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
2 KB 58ms
53ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 20 KB
20 KB 58ms
54ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
2 KB 59ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 21 KB
21 KB 61ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
2 KB 61ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 3 KB
4 KB 61ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 47 KB
48 KB 63ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 969 B
1 KB 72ms
68ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 3 KB
3 KB 72ms
69ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 1 KB
1 KB 73ms
70ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
2 KB 73ms
71ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
2 KB 74ms
71ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 945 B
1 KB 74ms
72ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0304 2 KB
3 KB 74ms
73ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%3Bcrtbdata%3DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 24 KB
24 KB 68ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
2 KB 69ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 20 KB
20 KB 70ms
58ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
2 KB 71ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 21 KB
21 KB 71ms
60ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
2 KB 72ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 3 KB
4 KB 72ms
61ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 47 KB
48 KB 72ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 969 B
1 KB 73ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 3 KB
3 KB 73ms
64ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 1 KB
1 KB 75ms
65ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
2 KB 75ms
66ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
2 KB 76ms
66ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 945 B
1 KB 76ms
67ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 0837 2 KB
3 KB 77ms
68ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%3Bcrtbdata%3D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bab1627363b82c8ecc9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 24 KB
24 KB 58ms
53ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
2 KB 72ms
66ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 20 KB
20 KB 72ms
67ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
2 KB 60ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 21 KB
21 KB 59ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
2 KB 58ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 3 KB
4 KB 61ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 47 KB
48 KB 71ms
67ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 969 B
1 KB 61ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 3 KB
3 KB 63ms
60ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 1 KB
1 KB 65ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
2 KB 66ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
2 KB 68ms
65ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 945 B
1 KB 66ms
64ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 5D04 2 KB
3 KB 67ms
65ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%3Bcrtbdata%3DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 24 KB
24 KB 57ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
2 KB 57ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 20 KB
20 KB 58ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
2 KB 59ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 21 KB
21 KB 61ms
59ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
2 KB 62ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 3 KB
4 KB 62ms
61ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 47 KB
48 KB 62ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 969 B
1 KB 64ms
60ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 3 KB
3 KB 65ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 1 KB
1 KB 65ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
2 KB 65ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
2 KB 66ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 945 B
1 KB 64ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17D0 2 KB
3 KB 65ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%3Bcrtbdata%3DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame 2EFC 58 KB
58 KB 55ms
55ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: 01b01d80c3c0f05522ac58c1636a160dedf14e6f60be326b5589f5c783c01654

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 24 KB
24 KB 62ms
50ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
2 KB 67ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 20 KB
20 KB 67ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
2 KB 67ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 21 KB
21 KB 68ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
2 KB 69ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 3 KB
4 KB 70ms
53ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 47 KB
48 KB 69ms
52ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 969 B
1 KB 69ms
53ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 3 KB
3 KB 70ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 1 KB
1 KB 69ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
2 KB 70ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
2 KB 69ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 945 B
1 KB 69ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame D52D 2 KB
3 KB 70ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%3Bcrtbdata%3DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EB1F 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 4a08d6e1-dd81-497b-9a14-9ce1f91caa8b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3156 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 28b31f7e-e811-474a-9f7e-b86e3f25686f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 15C0 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 197ef95d-50b9-416f-8669-40a9608ebc30
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
a.gsitrix.com/view/ Frame 0B96 58 KB
58 KB 55ms
54ms Script
application/javascript 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash: 0f0393e1b6105f2e0fdee2b8805c1a45393453852f54ad88c60d1c2451f2a2e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-methods: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Sat, 13 Jun 1992 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6712 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 6a1d4b5e-7123-4cc7-9777-83606f791187
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 103 KB
41 KB 63ms
62ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:21 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002860

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D55B 0
744 B 62ms
62ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 296d6a53-f839-4981-abd1-a028d5770ceb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 56F9 0
744 B 58ms
58ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 0dd8060d-f3b6-4d76-b6b1-a9faaf61a597
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 24 KB
24 KB 57ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
2 KB 58ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 20 KB
20 KB 59ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
2 KB 59ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 21 KB
21 KB 59ms
56ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
2 KB 59ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 3 KB
4 KB 60ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 47 KB
48 KB 61ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 969 B
1 KB 61ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 3 KB
3 KB 61ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 1 KB
1 KB 61ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
2 KB 62ms
60ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
2 KB 63ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 945 B
1 KB 62ms
61ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 7F8A 2 KB
3 KB 63ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%3Bcrtbdata%3D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896babb43db64c60a6cfc0&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AF2A 0
744 B 59ms
58ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: ff51b724-72fd-4a88-9e94-b8499b267881
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BBC9 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: d4870fa2-5d20-4d71-a2c3-2e3ab6e20db1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 103 KB
41 KB 62ms
62ms Document
text/html 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636

Request headers

Referer: https://mediaintelligence.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Range
access-control-allow-origin: *
access-control-expose-headers: Content-Length
access-control-max-age: 3600
content-encoding: br
content-type: text/html
date: Fri, 02 Dec 2022 03:06:21 GMT
etag: W/"63764652-19aab"
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cacheable: Cacheable
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-request-id: 195002876

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0953 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 4a64c2bd-6df2-46e7-a19a-a91bfec51570
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 587B 0
744 B 58ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: ada476ce-8cda-4dcf-9d24-1b697aae919b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 90BA 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: dd1e0f08-361f-47c8-9e77-071e4023972d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F603 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 5df1aa46-67c6-48a4-8ff0-d03f3a976ac6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E44 0
744 B 57ms
57ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: 8520048a-fd34-4ef0-a034-0bb7ed358bef
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EC0B 0
744 B 57ms
56ms Script
text/html 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 03:06:21 GMT
AN-X-Request-Uuid: f86fe92b-4795-4480-aef7-c6a37d697960
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 24 KB
24 KB 56ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
2 KB 56ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 20 KB
20 KB 56ms
55ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
2 KB 56ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 21 KB
21 KB 57ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
2 KB 57ms
57ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 3 KB
4 KB 58ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 47 KB
48 KB 58ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 969 B
1 KB 58ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 3 KB
3 KB 58ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 1 KB
1 KB 59ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
2 KB 59ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
2 KB 59ms
58ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 945 B
1 KB 59ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 4924 2 KB
3 KB 60ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%3Bcrtbdata%3DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild01.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 24 KB
24 KB 57ms
54ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild01.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 24324
x-request-id: 199786580
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5f04"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
2 KB 60ms
56ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1939
x-request-id: 199786581
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-793"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild02.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 20 KB
20 KB 62ms
58ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild02.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 19981
x-request-id: 199786582
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-4e0d"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
2 KB 59ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2106
x-request-id: 199786583
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-83a"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Bild03.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 21 KB
21 KB 61ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Bild03.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 21107
x-request-id: 199786584
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-5273"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text03.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
2 KB 57ms
54ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text03.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1627
x-request-id: 199786585
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-65b"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 BG_Ende.jpg
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 3 KB
4 KB 60ms
57ms Image
image/jpeg 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/BG_Ende.jpg
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 3283
x-request-id: 199786586
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-cd3"
access-control-max-age: 3600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Produkt_Slide.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 47 KB
48 KB 58ms
55ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Produkt_Slide.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 48242
x-request-id: 199786587
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-bc72"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA01.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 969 B
1 KB 62ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA01.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 969
x-request-id: 199786588
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3c9"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_blue_end.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 3 KB
3 KB 62ms
60ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_blue_end.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2965
x-request-id: 199786589
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-b95"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_small.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 1 KB
1 KB 61ms
59ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_small.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1096
x-request-id: 199786590
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-448"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Stoerer.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
2 KB 62ms
60ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Stoerer.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 1688
x-request-id: 199786591
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-698"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 Text04.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
2 KB 64ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/Text04.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2032
x-request-id: 199786592
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-7f0"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 CTA02.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 945 B
1 KB 64ms
62ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/CTA02.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 945
x-request-id: 199786593
last-modified: Thu, 17 Nov 2022 14:33:53 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764651-3b1"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

GET
H2 200 logo_big.png
data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/ Frame 17CD 2 KB
3 KB 64ms
63ms Image
image/png 46.105.200.240
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/logo_big.png
Requested by: Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://data.mediaintelligence.de/min/485_BSH_Blue_Movement_November_2022/BlueMovement_300x600_v100/index.html?clicktag=https://as.ad4m.at/ad/rct?ed=1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p&a=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59619775%3Bcrtbwp%3DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%3Bcrtbdata%3D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%3Badfibeg%3D0%3Bcdata%3DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%3B%3BCREFURL%3Dhttps%253a%252f%252ffriends.in.ua%3BC%3D1%3Bcpdir%3Dhttps%3A%2F%2Fmediaintelligence.de%2Ftrck%2Feclick%2Fb94b7a94526c275d4ccbe07dc4f031d6%26trs=63896bac1627363b82c8ecd9&=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:45:37 GMT
x-cacheable: Matched cache
x-cdn-pop: rbx1
content-length: 2555
x-request-id: 199786594
last-modified: Thu, 17 Nov 2022 14:33:54 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "63764652-9fb"
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: Range
expires: Wed, 28 Dec 2022 14:45:37 GMT

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 0F1D 0
0 164ms
55ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bab1627363b82c8ecc9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame CAB4 0
0 135ms
107ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame F8A8 0
0 71ms
56ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame CE47 0
0 97ms
96ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0F1D 18 B
407 B 59ms
56ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAD_C56882:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0F1D 18 B
392 B 64ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAD_C532F4:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0F1D 18 B
392 B 63ms
60ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAD_C4E1BA:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CAB4 18 B
407 B 84ms
82ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAD_C56883:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CAB4 18 B
407 B 94ms
92ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAD_C4E1BB:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CAB4 18 B
421 B 103ms
100ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:21 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAD_C4E1BC:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 3DF6 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame FE4C 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CE47 18 B
421 B 103ms
102ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAE_C4E1BD:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CE47 18 B
407 B 60ms
58ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAE_C4E1BF:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CE47 18 B
407 B 86ms
84ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAE_C56885:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame F8A8 18 B
392 B 63ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAE_C532F5:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame F8A8 18 B
407 B 92ms
90ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAE_C4E1BE:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame F8A8 18 B
407 B 60ms
58ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAE_C56886:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 3DF6 18 B
407 B 84ms
83ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAE_C4E1C0:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 3DF6 18 B
407 B 83ms
82ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAE_C56887:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 3DF6 18 B
392 B 61ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAE_C532F6:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame FE4C 18 B
407 B 57ms
56ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAE_C4E1C1:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame FE4C 18 B
407 B 57ms
56ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAE_C56888:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame FE4C 18 B
407 B 82ms
81ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAE_C4E1C2:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 7856 0
0 144ms
143ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 2EFC 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 0B96 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 7856 18 B
407 B 58ms
56ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAE_C4E1C3:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 7856 18 B
407 B 84ms
83ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAE_C4E1C4:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 7856 18 B
407 B 83ms
81ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAE_C56889:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 2EFC 18 B
407 B 59ms
57ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AC_93878F70:01BB_63896BAE_C4E1C5:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 2EFC 18 B
392 B 64ms
62ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B6_93878F70:01BB_63896BAE_C5688A:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 2EFC 18 B
392 B 63ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B0_93878F70:01BB_63896BAE_C4E1C6:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0B96 18 B
421 B 102ms
100ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAE_C5688B:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0B96 18 B
407 B 84ms
82ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_75-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AE_93878F70:01BB_63896BAE_C4E1C7:21AB0
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0B96 18 B
421 B 103ms
101ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_100-1&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAE_C532F7:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0F1D 18 B
421 B 101ms
100ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gaf0fzkyctdgahtmkv8vmzm3w41pdafd2xc96eyatfp6w775fxhpcazrkqk1tg7ary23f1gkj7e7g4avf9jh4z80v6d26v46rqgvpwammzm53w7adq44j2jrydg2bvgze66nsy3g6zzswngcgkm11z8hnzqbb4t82qpg1newc1d5zp023j0yzyef3f353gzwzgbr52n0kfq080ajdp57adjxhpx25bh1dnhsf87c5yha94q7n1bhh0s9ggxa7efg7nd778%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DKPqSvX_tKARnz5rK8Z9SJWkeqZhva3Vm5XSxyQ%253Bcrtbdata%253D0VDA619hF9LMLL2xsFYYcd-dnKuZsUn81SSOhYtP7bKKo-aNvCP1xNFYe0PfcJPmNAqtq-vFh8H1Bc8jmXMSTiDxZrN4rtWBO2RO19x7FTpwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV6tk8nxetnlpcwMAqDur7RowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzMh8s1qfi2TwxE9k9X0RjGGzrO1AqBY2EuHGIobbBDL-TC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAE_C532F8:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CAB4 18 B
392 B 61ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k6xyjmqa15z63nxbq7d53a1v38yq6qz2xk9b3jj8p3pjfwwpk9z1tyf3dfgyxvhs2wpcb60frzstmkyc5waeff04839czdynpnemfsdbb6e4eff0zrn1fn8seb82j7y0kt4htrtcq3syezf9qdr87p5rmb1cysamyrrdd6g73sz6z617p7jvxckj1pedvrh3yahjtsfbqmy372jt1gepw3cx03cmrxheaxfwffr422g90tk5585ng4k7vn06hew2gz0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253D_4sxo-epnmatr9gguxfgA8KnbCzABxFvDhxJSw%253Bcrtbdata%253DzRLn5_RjIC3ZRe9DVn7GwPb3pTrEJ-9_dARRpo5B0kHBoGDQ3S-qKg2aq-3hcxeM42J8Cbfm7-hoTeLGloOC6VUvqsTvDw3PIhy3x85KHjJwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBnDyQ70AKBXcwzR2Bj7N8jw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzBOOV3EeFqZcxE9k9X0RjGGBE2ua7otUiqVY6CDWenvMTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:22 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAE_C5688C:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame CE47 18 B
421 B 101ms
101ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grwrfaer9vaeghsr6kjj62ghsmdn9bj9jst64yyse2a5xhfznggxrnn5xh88dmsmhx83cgyskzkkq0hvjpmn46dr4rqxmraq9t4898bce01jv8f4fmvsa2bvh53k56z716f274cskrasv74hch9jak6y22j4cekw61ygs707xsvj2db0pv366x33zqykaknp155d00sbzxa61xtrad43xvzhkrpmm8th2x1nqmrjgdvxmcsaqq6vd88stpesac3yefhqd8%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DnC6sheMJo6dBzLX7OpHDt_GM6prlcRCB2u7RBw%253Bcrtbdata%253DMX5xtGCDPC-NWnKPKKgq0vJgYfP7fn66MO6OStnGt30hmcsgwIsLzjaBHeDq9g4mo8rWVFRPg8RT38NWtkYOhcdkRjADOUImu-A1FqArRTlwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaVcOUaxiZ1Ed_f7MtQTXPMDpUzGm-vlxlDXPRQWRw2PMS_eZOPnirdr_NylYhCPK6yFLkQEhGcNZ3VE10LANBggL5_AIQBuuCPhQW6FXjSrzw2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzHvmyGv0esgSmgGZmizof9Wmqje8ZEhPGfNBBdaBDJxoTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAF_C532F9:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame F8A8 18 B
421 B 100ms
100ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g7kc6mchgnps346mjdta0e8vgqg25c7vwsjg3h9ma705xcb1ctg0txrasq9ewhztq1gbx2yg8036fqb28r361p2es2b78fmk73qefsnwsqsrtda5c3fkpr3q8p9rmn82fj88ypkd4gg8t7k66bseea9g237g1p0avnyn8nwhmp3g39sr8tqnbfkdn0rmne1aaew8d4fab245m54841thdftaarnert10p8wamgj14m7fpxdw2rkv786g8h2n9d2y5be2wr%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253Dx5fubxF5GKn9KbyuxPg3ptHAE0ZdbLvl7O0B3w%253Bcrtbdata%253DYaJbyuIeSLGD6d-RXCF0dxh5wxQSgBZCjAPS1nVjdeq9SBsxMmTYZwN2CKJYLrq7zXU-5zUErEJZELJTjknBpb2BOgA5FgvplOQTDtabKoFwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUxYJPLG9yHmpcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOpto9WmgxDQmgGZmizof9WtbEmgdF3xwhrMmmqrr20iTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAF_C5688D:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1, n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 3DF6 18 B
407 B 91ms
90ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jx0pd6fqy991ede85jvcr5d24pae20yy9xtzbq0ddwmwz85621f9k6jfaq7g68qzm3z4fdx6fesnrk5r7bxn9ebdfy194gf11rmp4qh8rc094wb5xtfwzjb8ytbj3d4x6wn3b77rxxg6gh7099s7e5wtkg2fmk0z70sg1rfdwa6y2fv3vnxx65nfkjbd9aywyvs7kkx62zn0fq2e7g61jvmsyq2k9e67ngpdp5ehfjzn1ncmxhrwczs0vfj1wz9ppcfp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DWcm_UuXG7gsVPaX8wRjNr7x30YsaN93UYWbTmw%253Bcrtbdata%253DGSRrhtYEaBSPqjLTP4ArVEehA8lefcnSb6oJfb67P3hc2Et5ydKy4nqX4GaCczeoDGK2y6sgwe9MqbeY4Ly4qDR88rbaWsccGj5EiiEsGjdwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaUBMshzkvGts4xdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzOO7qLRCokcl8AmImpDFZaaP_PuntyOuf5R8PxHaoKKdTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAF_C532FA:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n2
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame FE4C 18 B
392 B 62ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwq5gs871xvr0tbw3pyt6gxmnsfv0s8kvgezr2rh3m2cb4gyfnqw4vw1vwft2y9nnftk36jzzxjjpgava4a685enghp7cbh1vw25epgjp6rbmx0b5dc1vcg9pjwhdt6v9d9e2rdeq512s2kknj0fckm2zxv8wtbbcv116qndpmnfa49q8a6gvw95gbp0cj1xdfgysh94wrp04pceh5sstsz4hssb5nnbfpgn9scvdexvvfq7dkjtrabmnzkzvxtebax4%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DDbyZU5jaEarhSLb1Zz2qXavu-82RK68maKby_A%253Bcrtbdata%253DsZf9zIyBjFT4glAYVZCQlx4CMz2vASkcD2dvDp4weAFZ-i1rr51vP43RKP10tuEMC-DmAfD8SLhbPR4DzLrRGse5uLcdy-xue9UxfP5W70pwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXSF01LFsGGcZcwMAqDur7ReaWIqDqBP_83R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwJ6F6h6C83XNk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJEHnODs_4HcxE9k9X0RjGEnBdKjce5dz15bhVyN8biYTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAF_C5688E:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 7856 18 B
407 B 57ms
56ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kfkx7nwkgqp421y83y60ywz6vqqqke29rf904pk947esg7j5pb0zx8vgkt2m0tnaf3q3ww2jb9qjd3ktdymg2p63czrv4jmtkwkvy5gqdxx7zpzmx128cy7gcdr18z7dbpbg1d4r5sb89ht8ekzf38dvyrx15tpwgvbv3ytndrsr262d0ka1arkwtwednckmyjn573kahkps768bq5tff3c80wfyw4vcc7vbpfw0nj07twf1b6tb76xam2d4mmn5nwm6%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DGvG_V6IFpf0EbxIf9agTkx8HOCDyp_2NKIBUOA%253Bcrtbdata%253D_xx5qhFjGlV5fuVyE4JSg-b974bGRG4MJoYMz5YRXApHi9J3m8ivPCoPQTuRUUmyougsdnzUMrPqHWea9u0pPXPfE-3CtPzL0_g6wIGqiV9wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaWSRcIc7J41rYxdtuKtiNbiowyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzCdi2FrwpsxvmgGZmizof9XlZp1UTb2jeYiJRJqjBpRPTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAF_C532FB:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n1
Keep-Alive: timeout=20
Content-Length: 18

POST
H2 200 /
track.adform.net/serving/unload/ Frame DFFB 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,3857404985629630782,100|3997|0|0|0|0|0|0|0||375|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1070 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,6496114435056239046,100|4008|0|0|0|0|0|0|0||376|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D9C4 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,4592672160995560977,100|3998|0|0|0|0|0|0|0||375|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 2EFC 18 B
407 B 83ms
82ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jjv7efn8cx8yv8ms4by70cvaa4rvcxj1fb496tks83bjd37vcbpn9j0jpy3xdcjhcaj6hp6y4gjzbfg8wz3dctyqsarnza92r8hktdyd722ce4t6d1t3a8xmzf9s46azwpf1hewpy4r1gh6n7gr42m1pb17hjbr1ryq7xvpqczast3rysy00pysb1q3wex7kb7vkzy91wmtr6qx12s96k8rk22z765x1558vjrf7t0krbzwbz41503ah4nm0d1c66ndxj0%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DM9g8Nf62mcFLlVAps0fic8tc1wLks-FbxcKtgw%253Bcrtbdata%253DKaHUAs2XAe6R7EJiSrnWpBgy87jPg_NT7QceL6b6GHd5ZQvBti4CE5sAxJoN0WhR_TnEGORndektwIcgEVLM1rMM_ABIP_mAedGGkfiDP55wGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaXxpN1KN_TfZJcwMAqDur7Rjw2upJmXIVU3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwgosyvk7hlU1k9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzG-qwRpj78WyxE9k9X0RjGFZ9IHgJtpe24J38_HhoAziTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89B4_93878F70:01BB_63896BAF_C532FC:21AAF
X-IPLB-Instance: 37714
Content-Type: application/javascript; charset=utf-8
X-Min-LB: n3
Keep-Alive: timeout=20
Content-Length: 18

GET
H/1.1 200
OK / Show response
mediaintelligence.de/trck/etp/ Frame 0B96 18 B
392 B 62ms
61ms Fetch
application/javascript 147.135.143.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaintelligence.de/trck/etp/?type=impression_iab_50-2&campaign_id=485&project_id=50003&admedia_id=413212&gs=fetch
Requested by: Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.112 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mediaintelligence.de/trck/ehtmlcontent/b94b7a94526c275d4ccbe07dc4f031d6.htm?contentonly=true&log=no&ctrack=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j9vddka15gw3gxfpw91ngf60zxfaaqg0cx5p0q7xjnrwvzc631hr7q7kts3d41gmqysp1bs9c341w0myyrj36m13vdx6f704jwyn1q0wtkhxxvrcz2zf9n7r9cc6zmn29q74f476qdpbzqrwnrq0499k8abnst4vbyjsbyd5a34q1wh06jzx02pes91ndfgtnwvc2gt12daypty5jwsc1zpk8cweep081nfgwvrgegcyh22e1gb0p9tdkez14ybm3w6p%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D59619775%253Bcrtbwp%253DEs49ZTpNFwvwizRvrSHh0Xjg86meW4U7h-dDWA%253Bcrtbdata%253D4jD9QXhWgFB5vSlkqI5v0g1x3zK1ti9XFNNtdO3U4o3QGIGu8rdDFNRtUNUQ4ndnQC1O3XdfVTfdpRC8Fibxmt7qNjX-JAPpLCcIIhpHLodwGBgD7SuiRXJs2Au6YV4u1DbRCiUt3UGDzzknwHOsKTbhNwcXnuDY-qrOL5uxNeKExZl_dKarNApi_1fq5y11Rt99TYhBv1-5iKWeMJY0OU5P7rV17KhXUCM9yZPv9GpUscoIMKhxXGcL0FqLqd8ADkDxOPKp1E3J2BxUiv1eG2CpjEN_zOzqatlbISpPkXwZ14O5Woli4Aq9qaLJFHk9neWtmLZgU-gmR9EHPkOqnSe2YElqTZzd0Avo0jQkYFK41ulVlFu_GVcOtLNy6d6_VwGm5qxUBktJa4Kwx35la5P9YNz06Th_WXjd5oZwAdB9geLCoTtGAdFEFUqjbGfWRSBbKTgjMeSgyQZY3rLtvRSpSakUojjBI3KJVQ3dT-Jfzb0hwpkmYGaynSieMuye3jgaGwLrC-EdEWHQJEOzlJGQCkQHeSZk8sWnue_JYaV3VQT1uQd1BXcwzR2Bj7N8owyCFYRqP6E3R6Yx3QD3bY9Cltl5DFG-HUC1sRZ8WwCRV-QcE45NGwTt46LQImqwoS5UFYKnyTVk9JUJFwE_MQ2%253Badfibeg%253D0%253Bcdata%253DGiDfJ4QoJPNnwf6-tbRCzJE-QOCnM-2UxE9k9X0RjGE81f-OBbi-6hN1sdSytglRTC4hD4-EoHNCOhj0lw8jQkArBVVsR5ERxOP7EGRkIKg1%253B%253BCREFURL%253Dhttps%25253a%25252f%25252ffriends.in.ua%253BC%253D1%253Bcpdir%253D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 03:06:23 GMT
Server: nginx
X-IPLB-Request-ID: 52C78226:89AA_93878F70:01BB_63896BAF_C5688F:21AAE
X-IPLB-Instance: 37714
Content-Type: application/javascript
X-Min-LB: n4
Keep-Alive: timeout=20
Content-Length: 18

POST
H2 200 /
track.adform.net/serving/unload/ Frame E770 35 B
465 B 74ms
73ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7265687980519397772,100|4105|0|0|0|0|0|0|0||385|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C811 35 B
465 B 72ms
72ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,6365695654102705715,94|4100|0|0|0|0|0|0|0||361|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BCE1 35 B
465 B 71ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7939873898890200094,100|4104|0|0|0|0|0|0|0||385|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame F8CB 35 B
465 B 72ms
71ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,1992928432093306122,25|0|0|0|0|0|0|0|0||0|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A069 35 B
465 B 71ms
70ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,7115691116402738163,53|4505|0|0|0|0|0|0|0||223|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2AB9 35 B
465 B 73ms
73ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@59619775,2597617558834715331,67|4505|0|0|0|0|0|0|0||281|1|||||1|0|0|UzpsjhVmZcbi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sholke.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://sholke.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 7856 0
0 55ms
55ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 0F1D 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bab1627363b82c8ecc9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame CAB4 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame F8A8 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame CE47 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 3DF6 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame FE4C 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896babb43db64c60a6cfc0&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 521B 88 KB
29 KB 56ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4676 15 KB
6 KB 61ms
61ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 2040788
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 521B 89 KB
29 KB 70ms
69ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4676
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=0&topUrl=friends.in.ua&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=rSUrn3w5d0tzWElSR1ZNZmpOSXU5dVI1aUxsd2FpSkFYRFhsK3VqUlBRYXd0b0YzU3JXaXF4cTZPV2s3akF5TVNNRHl1MFhPdVZLd0tDanp1aG9rNjJQYkNLU3BQMHNSQTNHVEd5UzNibC9PUGI4ZVU1RllaMFh3MkhLNU...

431 B
654 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=rSUrn3w5d0tzWElSR1ZNZmpOSXU5dVI1aUxsd2FpSkFYRFhsK3VqUlBRYXd0b0YzU3JXaXF4cTZPV2s3akF5TVNNRHl1MFhPdVZLd0tDanp1aG9rNjJQYkNLU3BQMHNSQTNHVEd5UzNibC9PUGI4ZVU1RllaMFh3MkhLNUJPQzZ5TDdnSXhHalp3R1NSU29yMFZEVFpGNndGUHRXZS9XVzBNb2pBVWtVdi9EeVpINzBnNXRkc21NU1BZc0NCdjZuSmZucnBSKzRzZFRzQ2dEc0Q3MW1jcHJGK083SFN5MTA4eU8za283c04wMDBZb1ZvQVJpSE5mckIzTHlROGlmcnBjbGtQdlNRVno2VU9UdUhGQ25JYkExNmlOVVoycExzbEhvS2hjT0trcndacTFXYz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0023baff164a533fc32865aff9bb900f86ef7ecda4627bd547997b14b9b3c2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1462276
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=rSUrn3w5d0tzWElSR1ZNZmpOSXU5dVI1aUxsd2FpSkFYRFhsK3VqUlBRYXd0b0YzU3JXaXF4cTZPV2s3akF5TVNNRHl1MFhPdVZLd0tDanp1aG9rNjJQYkNLU3BQMHNSQTNHVEd5UzNibC9PUGI4ZVU1RllaMFh3MkhLNUJPQzZ5TDdnSXhHalp3R1NSU29yMFZEVFpGNndGUHRXZS9XVzBNb2pBVWtVdi9EeVpINzBnNXRkc21NU1BZc0NCdjZuSmZucnBSKzRzZFRzQ2dEc0Q3MW1jcHJGK083SFN5MTA4eU8za283c04wMDBZb1ZvQVJpSE5mckIzTHlROGlmcnBjbGtQdlNRVno2VU9UdUhGQ25JYkExNmlOVVoycExzbEhvS2hjT0trcndacTFXYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 441756
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 7233 88 KB
29 KB 58ms
57ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 462B 15 KB
6 KB 59ms
58ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1594344
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 86A1 88 KB
29 KB 70ms
70ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 041E 88 KB
29 KB 78ms
77ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 462B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzl...
https://mug.criteo.com/sid?cpp=k4S7pXxqQVR2a2hqcGhZNk5QZ3ZNaHFmVWNJYVhkTUxrSW5Kbnk5WkVwTjJmNXoxL0JFcDlRMWZmNkFkN2pqSForRWUwOVNXM3hTdnVKRG1tbmdwTmIvNzY3RDBYNy9yUnpWSWx5MzFKYzdVWDJIWkF5VzVqSHJIY1pFej...

422 B
646 B

49ms
49ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=k4S7pXxqQVR2a2hqcGhZNk5QZ3ZNaHFmVWNJYVhkTUxrSW5Kbnk5WkVwTjJmNXoxL0JFcDlRMWZmNkFkN2pqSForRWUwOVNXM3hTdnVKRG1tbmdwTmIvNzY3RDBYNy9yUnpWSWx5MzFKYzdVWDJIWkF5VzVqSHJIY1pFejcvTFZqR3pkUThzMFJTekt2U2ZPUTNvV0hTSTBzODdnWlJEZkQ4SnlRWkwzbnJvNGdpUEJaN1k4dDA2Uk1wcUMzaTFFMER5SU5mYzNCMVhad0hvS29adWFCK3dHTnRrVklmV3FtdXpzNlo4My93QUFpUVRBbUFFbWhSOWcvZ1RvYzVEL2ZLZ2tpdVlQQ3Y3clc4endjcnlhL1JldFRLUFVhWmtsYXJYb1Z1RmVzTjVoV0ttST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

291dce3ebf338bc1153550e8f211a9c6d0260127bdc6f62f52fdedcf3a2637ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 859071
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=k4S7pXxqQVR2a2hqcGhZNk5QZ3ZNaHFmVWNJYVhkTUxrSW5Kbnk5WkVwTjJmNXoxL0JFcDlRMWZmNkFkN2pqSForRWUwOVNXM3hTdnVKRG1tbmdwTmIvNzY3RDBYNy9yUnpWSWx5MzFKYzdVWDJIWkF5VzVqSHJIY1pFejcvTFZqR3pkUThzMFJTekt2U2ZPUTNvV0hTSTBzODdnWlJEZkQ4SnlRWkwzbnJvNGdpUEJaN1k4dDA2Uk1wcUMzaTFFMER5SU5mYzNCMVhad0hvS29adWFCK3dHTnRrVklmV3FtdXpzNlo4My93QUFpUVRBbUFFbWhSOWcvZ1RvYzVEL2ZLZ2tpdVlQQ3Y3clc4endjcnlhL1JldFRLUFVhWmtsYXJYb1Z1RmVzTjVoV0ttST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 520496
content-length: 0
expires: 0

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 2EFC 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame FB7F 88 KB
29 KB 72ms
72ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5774 15 KB
6 KB 56ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1715474
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3987 15 KB
6 KB 55ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 968022
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5774
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzl...
https://mug.criteo.com/sid?cpp=-6vKpnxXanE3UGdCUzJrSHNrVzFwWHIyM0VnNmdtYjN0V0hnUjJKQTAyZzFZd2dDamViYXE5Y0d6c3BQZkw0QzJjaW1LM1pmWk82TTVrcjdjNkFEcG52eVRzMWZMYUR5aEMycE5acy9oeGVIREtXbDRERUdTY2JhNzBrYm...

427 B
663 B

51ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-6vKpnxXanE3UGdCUzJrSHNrVzFwWHIyM0VnNmdtYjN0V0hnUjJKQTAyZzFZd2dDamViYXE5Y0d6c3BQZkw0QzJjaW1LM1pmWk82TTVrcjdjNkFEcG52eVRzMWZMYUR5aEMycE5acy9oeGVIREtXbDRERUdTY2JhNzBrYmp3ZkxLSVVFMWYxbEkrK2JpL3hQbGZnbUxZUFlaMXhJeDhOUE9vMUE2eGo5bDdicTUrMWpXM284Nksza3pnRHBQNWRDckVpbVRZdERsZ1BackJrTGFmWC9hU1R1NktxcktuV24wbFNLUmFJc3pqRHBGVGF6Q3d0K2taaFV5UE5mL2JvT0p2enQ3Mjg5Rk9SODZMbHdpY0lkamFieWlCMjh4Um9DTlFHd25zbUFEVFdFdm1ucz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55e2f3d548aafd379e1f399e702307f7e11eb04d8d93f1207ef3cd37690a288e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1509680
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-6vKpnxXanE3UGdCUzJrSHNrVzFwWHIyM0VnNmdtYjN0V0hnUjJKQTAyZzFZd2dDamViYXE5Y0d6c3BQZkw0QzJjaW1LM1pmWk82TTVrcjdjNkFEcG52eVRzMWZMYUR5aEMycE5acy9oeGVIREtXbDRERUdTY2JhNzBrYmp3ZkxLSVVFMWYxbEkrK2JpL3hQbGZnbUxZUFlaMXhJeDhOUE9vMUE2eGo5bDdicTUrMWpXM284Nksza3pnRHBQNWRDckVpbVRZdERsZ1BackJrTGFmWC9hU1R1NktxcktuV24wbFNLUmFJc3pqRHBGVGF6Q3d0K2taaFV5UE5mL2JvT0p2enQ3Mjg5Rk9SODZMbHdpY0lkamFieWlCMjh4Um9DTlFHd25zbUFEVFdFdm1ucz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 662363
content-length: 0
expires: 0

POST
H2 200 ax.php
a.gsitrix.com/js/ Frame 0B96 0
0 54ms
54ms Fetch 85.195.93.95
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.gsitrix.com/js/ax.php
Requested by: Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mediaintelligence.de/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://mediaintelligence.de
date: Fri, 02 Dec 2022 03:06:26 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 0
access-control-allow-methods: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ABC6 15 KB
6 KB 56ms
56ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1738267
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3987
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzl...
https://mug.criteo.com/sid?cpp=K3BUhnxaNDVEaHFjL1Iwc0RtQ2NNWXJXZG9TK3RUeWJYSFNGb1k5dzRxWTBZc2VOTG9SWG9ycS9VOHU4TTNFdDRWNEhtM2VoWVdCRXFJRFBVMmVadDFYVWhZLytjeXpZaDZUSHVnM2NZajR4d1l4Y3RZei81QTIxcVNjVW...

438 B
652 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K3BUhnxaNDVEaHFjL1Iwc0RtQ2NNWXJXZG9TK3RUeWJYSFNGb1k5dzRxWTBZc2VOTG9SWG9ycS9VOHU4TTNFdDRWNEhtM2VoWVdCRXFJRFBVMmVadDFYVWhZLytjeXpZaDZUSHVnM2NZajR4d1l4Y3RZei81QTIxcVNjVWF2enpHLytwRCtWV2p1NVVBL2xJcjkvcFlGWlBrZDRsK1grYVBYM0ovYXdCRUcyZTZkbGVBblVVVWRoS3RBSlUrUkZVbXc4enhycnJxbU9Sb0RlL1ZDbERNL0J2MWR1M1dmdVd4RTdJMlRFRktpSzFsZmJsaVlwTHptdnlnUmE1WGoyOXdZQUFsU25Nd29mczh6NUV3TjJpNnNIckU3ZDRFbmJrYlRlell1N212MG45dTljUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f1135eea206ef2621430b20c2115a12968a73188f27b8d8b8f20310a07e7a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1367405
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=K3BUhnxaNDVEaHFjL1Iwc0RtQ2NNWXJXZG9TK3RUeWJYSFNGb1k5dzRxWTBZc2VOTG9SWG9ycS9VOHU4TTNFdDRWNEhtM2VoWVdCRXFJRFBVMmVadDFYVWhZLytjeXpZaDZUSHVnM2NZajR4d1l4Y3RZei81QTIxcVNjVWF2enpHLytwRCtWV2p1NVVBL2xJcjkvcFlGWlBrZDRsK1grYVBYM0ovYXdCRUcyZTZkbGVBblVVVWRoS3RBSlUrUkZVbXc4enhycnJxbU9Sb0RlL1ZDbERNL0J2MWR1M1dmdVd4RTdJMlRFRktpSzFsZmJsaVlwTHptdnlnUmE1WGoyOXdZQUFsU25Nd29mczh6NUV3TjJpNnNIckU3ZDRFbmJrYlRlell1N212MG45dTljUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 529436
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C812 88 KB
29 KB 72ms
72ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 3B3E 88 KB
29 KB 56ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C1D7 88 KB
29 KB 64ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 5865 88 KB
29 KB 65ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 178D 88 KB
29 KB 85ms
85ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame DA6F 88 KB
29 KB 87ms
87ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame ABC6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=fu_rrF93NzRQbk5lalVEa0dyNGFUWnJDalFpZlRzeEl4WDlzQVVmMDVKczhGWUZtTE9UOW5OVzl...
https://mug.criteo.com/sid?cpp=xqlp3XxndzBtcWMwZ2kxVHd1SGgvQjBZOHVxaG1ldHJsUHJ3S3p2ZEdlS3A4azcwN2lFemg0a0FTVUd1aDFnaTlxTWl5Z1NsN0pKU3liV2dROVJEZVluMFA2TDI1eERnZXMvQzQrM2orZkpjcnBNdGZkNkpkOXhTRWZLMG...

435 B
653 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xqlp3XxndzBtcWMwZ2kxVHd1SGgvQjBZOHVxaG1ldHJsUHJ3S3p2ZEdlS3A4azcwN2lFemg0a0FTVUd1aDFnaTlxTWl5Z1NsN0pKU3liV2dROVJEZVluMFA2TDI1eERnZXMvQzQrM2orZkpjcnBNdGZkNkpkOXhTRWZLMGRORCtRSThRWU42ZGQ3R1c1Y292cWlGWm9uR3NhK3ljWFM1dXBVL1VCcU12QmwrNGVYWGl0ZzR5QnNyM3dva1VZN2loSlFNWkJtTktJYkoxK2o0ZXJoMG1JWFN3cTVDNjR2bFJscHJtNEJqY1ZpTFRFMTJkZGoxQklxRFFzNnljeTRic0hLejlvUlRUc2VYZHlsM25BM1NVYW1LUmw2eTdHYzJQY2VLTFpTcCtGZExuRlBIYz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0edd558409d8a1993fdccbf07c8e361aba03c8c70d920fce0f7f45c09656dd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1011242
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=xqlp3XxndzBtcWMwZ2kxVHd1SGgvQjBZOHVxaG1ldHJsUHJ3S3p2ZEdlS3A4azcwN2lFemg0a0FTVUd1aDFnaTlxTWl5Z1NsN0pKU3liV2dROVJEZVluMFA2TDI1eERnZXMvQzQrM2orZkpjcnBNdGZkNkpkOXhTRWZLMGRORCtRSThRWU42ZGQ3R1c1Y292cWlGWm9uR3NhK3ljWFM1dXBVL1VCcU12QmwrNGVYWGl0ZzR5QnNyM3dva1VZN2loSlFNWkJtTktJYkoxK2o0ZXJoMG1JWFN3cTVDNjR2bFJscHJtNEJqY1ZpTFRFMTJkZGoxQklxRFFzNnljeTRic0hLejlvUlRUc2VYZHlsM25BM1NVYW1LUmw2eTdHYzJQY2VLTFpTcCtGZExuRlBIYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 456252
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame EA57 88 KB
29 KB 64ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9C0E 15 KB
6 KB 58ms
57ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 2285701
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 3730 88 KB
29 KB 57ms
56ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 1092 88 KB
29 KB 61ms
61ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sholke.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 03:06:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Dec 2022 03:06:26 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 09A6 15 KB
6 KB 57ms
56ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 1985020
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D813 15 KB
6 KB 64ms
64ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1780792
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7D30 15 KB
6 KB 55ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 968081
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2DB4 15 KB
6 KB 56ms
56ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1738578
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 10C2 15 KB
6 KB 56ms
56ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1778425
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9C0E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=0Stu_F93NzRQbk5lalVEa0dyNGFUWnJDalFxVWRJNyUyRmVBb3dvenBVU0FPWEdpMks5dEhMMkJ...
https://mug.criteo.com/sid?cpp=YBESJ3xUWVFmaEJOeW5Za3BiVXlRMEg4TzZEVnlqYUc5Y0ZXWlpGVDgzSkRXdmozZHowZnpVdkc4aHJMb1RaZDVPN3NCMkkwNEU2Z3BzSXdpZEVzaldhem8vc0t6ZnAzRjl3WWUzcDRFRWJzWXZoaDFJMmdiOHZpREEra1...

428 B
652 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YBESJ3xUWVFmaEJOeW5Za3BiVXlRMEg4TzZEVnlqYUc5Y0ZXWlpGVDgzSkRXdmozZHowZnpVdkc4aHJMb1RaZDVPN3NCMkkwNEU2Z3BzSXdpZEVzaldhem8vc0t6ZnAzRjl3WWUzcDRFRWJzWXZoaDFJMmdiOHZpREEra1JjZDJmRDRrUDRmQlFLeTF3WHVMYS9NUUZyU3ZudEpQcDBBeFlwVUhJZEFBdFhZMnhiUUlQcGM5aUJKMkhoTDlEc1JSbkNRUFl0RlV1d0RzVWFsL2NJMGJlV3h1d3NpbFVVVTdoQk41OE1qcG1KV2dMU3lKZGF3dnBKalR0Z29WUUVIZnNXemVEazkyTlNtM0JQZS9FRU12elBZeDVvaGNKeUpaeWVqd1o3RjlBQVRvRlpCND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

846086949f69274c8dfec4c18760080f66fdf9cb7f1054ce53ff541020e7278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1374323
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YBESJ3xUWVFmaEJOeW5Za3BiVXlRMEg4TzZEVnlqYUc5Y0ZXWlpGVDgzSkRXdmozZHowZnpVdkc4aHJMb1RaZDVPN3NCMkkwNEU2Z3BzSXdpZEVzaldhem8vc0t6ZnAzRjl3WWUzcDRFRWJzWXZoaDFJMmdiOHZpREEra1JjZDJmRDRrUDRmQlFLeTF3WHVMYS9NUUZyU3ZudEpQcDBBeFlwVUhJZEFBdFhZMnhiUUlQcGM5aUJKMkhoTDlEc1JSbkNRUFl0RlV1d0RzVWFsL2NJMGJlV3h1d3NpbFVVVTdoQk41OE1qcG1KV2dMU3lKZGF3dnBKalR0Z29WUUVIZnNXemVEazkyTlNtM0JQZS9FRU12elBZeDVvaGNKeUpaeWVqd1o3RjlBQVRvRlpCND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 624411
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 09A6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=VytuNHxxQUVERjUyNmd4ZlR6Q1BvOC9FK3UxR0RhZE95WUF4UGtldFg2ZVZtb3o5QlZuS1pDOFJZeXRIelU1bllpaERydURpdVdINnBwTHFiZEZTcGVGdDBheENaTG9tTFVnaDJUU0hPT0FEekh3OFpNOVJla0VOMHlrTG...

436 B
658 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VytuNHxxQUVERjUyNmd4ZlR6Q1BvOC9FK3UxR0RhZE95WUF4UGtldFg2ZVZtb3o5QlZuS1pDOFJZeXRIelU1bllpaERydURpdVdINnBwTHFiZEZTcGVGdDBheENaTG9tTFVnaDJUU0hPT0FEekh3OFpNOVJla0VOMHlrTGFoaU81T1J1N1labG54dWorN3RJSitQVmZtZXFFSndrSUFpYXU0R1FXRkovRis0ZWtZeUhxbUFGeHNBTW1hTnYvMmZxQk9SY0VEaFAxL2h2cUpRT2dVM0o3VjU5UEZKUHhOMCtHTS91UVVRQU1EejhKUFdpaVpnb3YyZWg2VDBuUTRzdXR1d0FrU0pGd2Q4QXRVU1F5eVM2U0loWFRSc0w4YkVHN2JNMTFJOW5rcXJKRk5BMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cc061536cf4e44b82f18a0e541811bf0a705af2b944ac68feea812965c603b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1438022
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VytuNHxxQUVERjUyNmd4ZlR6Q1BvOC9FK3UxR0RhZE95WUF4UGtldFg2ZVZtb3o5QlZuS1pDOFJZeXRIelU1bllpaERydURpdVdINnBwTHFiZEZTcGVGdDBheENaTG9tTFVnaDJUU0hPT0FEekh3OFpNOVJla0VOMHlrTGFoaU81T1J1N1labG54dWorN3RJSitQVmZtZXFFSndrSUFpYXU0R1FXRkovRis0ZWtZeUhxbUFGeHNBTW1hTnYvMmZxQk9SY0VEaFAxL2h2cUpRT2dVM0o3VjU5UEZKUHhOMCtHTS91UVVRQU1EejhKUFdpaVpnb3YyZWg2VDBuUTRzdXR1d0FrU0pGd2Q4QXRVU1F5eVM2U0loWFRSc0w4YkVHN2JNMTFJOW5rcXJKRk5BMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 587388
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9EAA 15 KB
6 KB 59ms
58ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1731903
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E62F 15 KB
6 KB 63ms
63ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1619670
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame D813
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=TFUnwnx2Ti9RYVRNc2ExUlQ4aWFwUitIT0JmbW9RdWVYRVkvR1lNVUwrVGxGSndFdHFMMldiQXdBZTNFeTVsL3RObElWNHR2QVYrbTlIanR0bFZtZzJ5RTNyakFuT25LbE4wam5HMFZ1eGRzMUlSMmRXQWkxQjFUKy8zNz...

417 B
642 B

51ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TFUnwnx2Ti9RYVRNc2ExUlQ4aWFwUitIT0JmbW9RdWVYRVkvR1lNVUwrVGxGSndFdHFMMldiQXdBZTNFeTVsL3RObElWNHR2QVYrbTlIanR0bFZtZzJ5RTNyakFuT25LbE4wam5HMFZ1eGRzMUlSMmRXQWkxQjFUKy8zNzJJQit2NWpza3g5VlVtb1plVzAyR3FXWmhuTndsdjR5ay9SN2o1ajRLSDZ2S0FJaGJBbkdueUp5akRlQzJUYlBZRW1YendPYjZSZC9MdlFuTUtYVW1WUVZDTElWUlQ0OWRrV3ZRb2dBM1kyaDRvMmQ0RENBQ1A5eHI5OTRTS0dpaWtiQkNta1RaVmtZUFBqWU9kdFUzTk4va0MwRGxDVlpnZzhEMCtNdUpSbEt5cmhPOFY5az18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

efa59a5506e919f719482da4bbc9f71a039e56be2642d27662edba7759bd1ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1596021
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=TFUnwnx2Ti9RYVRNc2ExUlQ4aWFwUitIT0JmbW9RdWVYRVkvR1lNVUwrVGxGSndFdHFMMldiQXdBZTNFeTVsL3RObElWNHR2QVYrbTlIanR0bFZtZzJ5RTNyakFuT25LbE4wam5HMFZ1eGRzMUlSMmRXQWkxQjFUKy8zNzJJQit2NWpza3g5VlVtb1plVzAyR3FXWmhuTndsdjR5ay9SN2o1ajRLSDZ2S0FJaGJBbkdueUp5akRlQzJUYlBZRW1YendPYjZSZC9MdlFuTUtYVW1WUVZDTElWUlQ0OWRrV3ZRb2dBM1kyaDRvMmQ0RENBQ1A5eHI5OTRTS0dpaWtiQkNta1RaVmtZUFBqWU9kdFUzTk4va0MwRGxDVlpnZzhEMCtNdUpSbEt5cmhPOFY5az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 564909
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7410 15 KB
6 KB 70ms
70ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=friends.in.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://sholke.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 03:06:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 1651758
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7D30
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=zeMlInw0cXVUUTZuOWpPc0h3K2FJdVhMeFdRdUp4dFV1TDQrbER1dFg2YmVHVDVFcm9LNXlJMldqOGhLOEozQ0duOUI3MG1taW9naGJNTXdOcUxhenNMN3UzQTE5NW9WZWVkTm15OFNCRGtrZG0zRlRlRE9xWmZEZjJ5aV...

422 B
666 B

50ms
49ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zeMlInw0cXVUUTZuOWpPc0h3K2FJdVhMeFdRdUp4dFV1TDQrbER1dFg2YmVHVDVFcm9LNXlJMldqOGhLOEozQ0duOUI3MG1taW9naGJNTXdOcUxhenNMN3UzQTE5NW9WZWVkTm15OFNCRGtrZG0zRlRlRE9xWmZEZjJ5aVZvMDYrMVArVm1MSnQ5MERsVDhXMUdqZUhkcTF4UGw5RDBwSzBmN1NKOTk2QmxGdFZkek1XNGk1WTdqWTBaY01EUlJvMzZTRU9rK21OeEFkaUZqVVBPVTNOM3JvU01SZHZKQTd6blFTQW00ZHhWNUFQbEREMWk5YnovNGRXdUIxckp6MTJvWW9sb2UwQkRXRlZBRTZQZEZiaGtnb0phczlpNlM1RzlvL1M1cldQRjg2aFdqWT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06299529eb787787738a6d9db8bb6ea085b523d11da63d2d218a08ee4219490e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1014027
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zeMlInw0cXVUUTZuOWpPc0h3K2FJdVhMeFdRdUp4dFV1TDQrbER1dFg2YmVHVDVFcm9LNXlJMldqOGhLOEozQ0duOUI3MG1taW9naGJNTXdOcUxhenNMN3UzQTE5NW9WZWVkTm15OFNCRGtrZG0zRlRlRE9xWmZEZjJ5aVZvMDYrMVArVm1MSnQ5MERsVDhXMUdqZUhkcTF4UGw5RDBwSzBmN1NKOTk2QmxGdFZkek1XNGk1WTdqWTBaY01EUlJvMzZTRU9rK21OeEFkaUZqVVBPVTNOM3JvU01SZHZKQTd6blFTQW00ZHhWNUFQbEREMWk5YnovNGRXdUIxckp6MTJvWW9sb2UwQkRXRlZBRTZQZEZiaGtnb0phczlpNlM1RzlvL1M1cldQRjg2aFdqWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 358655
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2DB4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=aZnc73x2S1ZFZStWUEM5QVJKQjZuSnVqenZBUlhlaTEyQzZ2bmZMR3Z2UnJ2VG9VeE02ZHNHQm8rdExxZ1JKNWkxMktZV1VWZktHeTF5Nno1NUg2elFkVlV3RHZOM1p4bUhhbXZ2empqUTVpU0x2Ymx5c3dGaS80V2dwZH...

428 B
653 B

51ms
51ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aZnc73x2S1ZFZStWUEM5QVJKQjZuSnVqenZBUlhlaTEyQzZ2bmZMR3Z2UnJ2VG9VeE02ZHNHQm8rdExxZ1JKNWkxMktZV1VWZktHeTF5Nno1NUg2elFkVlV3RHZOM1p4bUhhbXZ2empqUTVpU0x2Ymx5c3dGaS80V2dwZHcxVEhoZHNIbjBFbnZxTE1FVzFzd21NUFVnNkFQL3NROFluK2RHUGFNdEl6cG02VEV6dzUxeTNhL0lyeWVYSnRHT2ozK1dWZVlwOWtQd0gvZkZEU25mVW8zZHVBV1FxVEpDMkxIaG1keHNIRXlEVnYxelNhc2s3QlNmcDh2cXFCUXRIb3lXNU9sZlRrTWlxRTdhek50LysrNVJHd3lySGt6akt4S3k5dnk1Tmh0WGRYWXlIaz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c1d4bc7179b223883c15ddaea521882d390854f534180881f542cc46d24b896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1678145
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aZnc73x2S1ZFZStWUEM5QVJKQjZuSnVqenZBUlhlaTEyQzZ2bmZMR3Z2UnJ2VG9VeE02ZHNHQm8rdExxZ1JKNWkxMktZV1VWZktHeTF5Nno1NUg2elFkVlV3RHZOM1p4bUhhbXZ2empqUTVpU0x2Ymx5c3dGaS80V2dwZHcxVEhoZHNIbjBFbnZxTE1FVzFzd21NUFVnNkFQL3NROFluK2RHUGFNdEl6cG02VEV6dzUxeTNhL0lyeWVYSnRHT2ozK1dWZVlwOWtQd0gvZkZEU25mVW8zZHVBV1FxVEpDMkxIaG1keHNIRXlEVnYxelNhc2s3QlNmcDh2cXFCUXRIb3lXNU9sZlRrTWlxRTdhek50LysrNVJHd3lySGt6akt4S3k5dnk1Tmh0WGRYWXlIaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 474551
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 10C2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=XjAqtHxvZXJweUN3Vlhia1UxSkxhMVcwVDhwTy9lY0VYS08rTCtiODhlRHcvVi95WkNWTGJrSmtYblI0V09oZVNMVkFNZ3dLY04zdDBNTDNnNjl2eHozWWxiaUpnanN6NVJZOGo0ZTZIOUtkVzBmQ1VvWVo5UC9udEtldE...

441 B
657 B

51ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XjAqtHxvZXJweUN3Vlhia1UxSkxhMVcwVDhwTy9lY0VYS08rTCtiODhlRHcvVi95WkNWTGJrSmtYblI0V09oZVNMVkFNZ3dLY04zdDBNTDNnNjl2eHozWWxiaUpnanN6NVJZOGo0ZTZIOUtkVzBmQ1VvWVo5UC9udEtldEN2WE1TWnB6VGZMcGRPSkFVVjRzT01iTFBna2JlVDNsVWgxV1RJb0Z2cDI4alRvVXdoZ0ZZMmdPaHNGd2ZhRGlqbXVnNVZLaXU3UkhrRU4raXVhWHB5dGdkaWdnQUxQNitraExoVGtRYTlBWTNqbkNDRFpyZkJRS1ZYUXlFWkVETGlTZTR3ZEV5bkFNTWNUTTZLZTlvMXRIdnRjakhQanFlVjR1c09WT0FPSzRyS0NFbkVEWT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe2e009b0d02a78386e6b6b748f569a7dc01195f99e3989493527ad15239d082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1857266
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XjAqtHxvZXJweUN3Vlhia1UxSkxhMVcwVDhwTy9lY0VYS08rTCtiODhlRHcvVi95WkNWTGJrSmtYblI0V09oZVNMVkFNZ3dLY04zdDBNTDNnNjl2eHozWWxiaUpnanN6NVJZOGo0ZTZIOUtkVzBmQ1VvWVo5UC9udEtldEN2WE1TWnB6VGZMcGRPSkFVVjRzT01iTFBna2JlVDNsVWgxV1RJb0Z2cDI4alRvVXdoZ0ZZMmdPaHNGd2ZhRGlqbXVnNVZLaXU3UkhrRU4raXVhWHB5dGdkaWdnQUxQNitraExoVGtRYTlBWTNqbkNDRFpyZkJRS1ZYUXlFWkVETGlTZTR3ZEV5bkFNTWNUTTZLZTlvMXRIdnRjakhQanFlVjR1c09WT0FPSzRyS0NFbkVEWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 579245
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9EAA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=bXy1vV93NzRQbk5lalVEa0dyNGFUWnJDalFsRklhekxDeFV5TEdWZnlqVGoxQUJWMVc3ZWdTemV...
https://mug.criteo.com/sid?cpp=eB0XAXxwNDIzMUdIL3k4TTZ0d29OZmZaYlk0NTh4MjBXUDFCWjFlYk9rSXBnM3NaUVlkU1QzZGFXeVpJckQ2Qlc1ajZvdCtTeFBxbkcwb0k3dTNOMnMyVll1L1BwUHhJV0toZSt4UkZiNEU2SDBLbXFBWTBxZnBYOWdsVW...

433 B
653 B

51ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eB0XAXxwNDIzMUdIL3k4TTZ0d29OZmZaYlk0NTh4MjBXUDFCWjFlYk9rSXBnM3NaUVlkU1QzZGFXeVpJckQ2Qlc1ajZvdCtTeFBxbkcwb0k3dTNOMnMyVll1L1BwUHhJV0toZSt4UkZiNEU2SDBLbXFBWTBxZnBYOWdsVW4rYk1zelhMTktXWmlnbVpXd2dvTXZOdEdWQVY4MkdqOTZBQnJaNnJDck5XRUt5a3NzaE1hUHRYbEFlcFVMRVBrSWVGSTdiTDFWUjZEVTA2ZFY5QzFaeit6WjdYQUlDYkR6cnZUYVVKWE00eWs0MjJqK0FrYW5aZ2todjV1dEN5NTlGL2FEYTFoR3NaS2ZRUWduNnhXZnZQNTQzZ1hqWUhHUUFYSGUrT1BVQ0lYOGN2VEN3UT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c2c88f68991733fff461bb5e7ec095a815cf73532d40227114d52b3072b0018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1616435
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=eB0XAXxwNDIzMUdIL3k4TTZ0d29OZmZaYlk0NTh4MjBXUDFCWjFlYk9rSXBnM3NaUVlkU1QzZGFXeVpJckQ2Qlc1ajZvdCtTeFBxbkcwb0k3dTNOMnMyVll1L1BwUHhJV0toZSt4UkZiNEU2SDBLbXFBWTBxZnBYOWdsVW4rYk1zelhMTktXWmlnbVpXd2dvTXZOdEdWQVY4MkdqOTZBQnJaNnJDck5XRUt5a3NzaE1hUHRYbEFlcFVMRVBrSWVGSTdiTDFWUjZEVTA2ZFY5QzFaeit6WjdYQUlDYkR6cnZUYVVKWE00eWs0MjJqK0FrYW5aZ2todjV1dEN5NTlGL2FEYTFoR3NaS2ZRUWduNnhXZnZQNTQzZ1hqWUhHUUFYSGUrT1BVQ0lYOGN2VEN3UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 301056
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame E62F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=rrhE6V93NzRQbk5lalVEa0dyNGFUWnJDalFqZ1RhY2NPaiUyQiUyRk9JNW5DRHhURExrR2ZwOGw...
https://mug.criteo.com/sid?cpp=QJkISHx1SjZMTVJ3OVgyZkpURVExYnBzR0VHYkJJVmtDUm14OHg2bjhwU01uQ1hWTUZTa21PY1VpTmpZa0h0WUVWRFNydFdiREw2Tjc4cFVXMmtVWW5IbGNrbitUNHc0VEZBRXVINlVrSHlIamp2RGpYSjRlV1hWZjVFTH...

433 B
656 B

51ms
51ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QJkISHx1SjZMTVJ3OVgyZkpURVExYnBzR0VHYkJJVmtDUm14OHg2bjhwU01uQ1hWTUZTa21PY1VpTmpZa0h0WUVWRFNydFdiREw2Tjc4cFVXMmtVWW5IbGNrbitUNHc0VEZBRXVINlVrSHlIamp2RGpYSjRlV1hWZjVFTHpzS1JOVnhaMDV3RkRqWjdHNGI1Vld6WHhLOEJWczMrK2ZhWG04K285L09qVFJFSDZEV1RIZ1pDcFlJM0RoUWlkMVhTcllXd3JvNzFpUXd2eGVGcUs1cTM5djBFcENUTEZZNW8wcjl4Wk1RUUJxd3NKUGU2MCtiRXZOUHF6Smk3eXQraFVodzhpejVxbjhoRkxxVGZqU1U0VkFPS0grZ25YM1lNcVBtNm91NUpGVFJYV3Myaz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f30c56164ded85349e3193721cddaa22a075dd267870abd0160fbde3ad0858f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2119264
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=QJkISHx1SjZMTVJ3OVgyZkpURVExYnBzR0VHYkJJVmtDUm14OHg2bjhwU01uQ1hWTUZTa21PY1VpTmpZa0h0WUVWRFNydFdiREw2Tjc4cFVXMmtVWW5IbGNrbitUNHc0VEZBRXVINlVrSHlIamp2RGpYSjRlV1hWZjVFTHpzS1JOVnhaMDV3RkRqWjdHNGI1Vld6WHhLOEJWczMrK2ZhWG04K285L09qVFJFSDZEV1RIZ1pDcFlJM0RoUWlkMVhTcllXd3JvNzFpUXd2eGVGcUs1cTM5djBFcENUTEZZNW8wcjl4Wk1RUUJxd3NKUGU2MCtiRXZOUHF6Smk3eXQraFVodzhpejVxbjhoRkxxVGZqU1U0VkFPS0grZ25YM1lNcVBtNm91NUpGVFJYV3Myaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 624988
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7410
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=sholke.com&sn=ChromeSyncframe&so=2&topUrl=friends.in.ua&bundle=rrhE6V93NzRQbk5lalVEa0dyNGFUWnJDalFqZ1RhY2NPaiUyQiUyRk9JNW5DRHhURExrR2ZwOGw...
https://mug.criteo.com/sid?cpp=J8_RqXxTV3ZndzFwcjFWcHZRVmlVeFo2OXdZZlhJbjB2UmZack5XZUtxYThSanVBWlBwcEppYkhKbGduR2VvQjFLNmpza250QUdNb3Z4ZExEczRUaHFYVkxqMFRIbkoxbmF0N09YQmtPN0N6NUZOUCtvZmNHeDkyNDFQTV...

420 B
650 B

50ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=J8_RqXxTV3ZndzFwcjFWcHZRVmlVeFo2OXdZZlhJbjB2UmZack5XZUtxYThSanVBWlBwcEppYkhKbGduR2VvQjFLNmpza250QUdNb3Z4ZExEczRUaHFYVkxqMFRIbkoxbmF0N09YQmtPN0N6NUZOUCtvZmNHeDkyNDFQTVZZSkQwNnZwdHFlL3BpaVdnSkxaekd6SGdBaDNMc1h0bi9xaFl1Q3d1bXRockpyR1dleUlmUCt3Rzc1TjNwQ2VqRm9xSFhKdzNQVmhiazJCMjJ1cUNNTlEvSEQybCtpTjZxdWp5eHNPMi9WdWllb09LeTBZZk5jekRnYVFWUm1UbkZ3ZEZuK2lmSmJ3dFJFa3NxSFpEdmlKYURaSlZCYWF5RVo0Tit4ZU1mN3AvLy9lU0grTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35a8ce2ea9e149966d40b4235a6db4f18f01ed04739f3ec53ef0a7297f6c1519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:27 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1703220
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Dec 2022 03:06:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=J8_RqXxTV3ZndzFwcjFWcHZRVmlVeFo2OXdZZlhJbjB2UmZack5XZUtxYThSanVBWlBwcEppYkhKbGduR2VvQjFLNmpza250QUdNb3Z4ZExEczRUaHFYVkxqMFRIbkoxbmF0N09YQmtPN0N6NUZOUCtvZmNHeDkyNDFQTVZZSkQwNnZwdHFlL3BpaVdnSkxaekd6SGdBaDNMc1h0bi9xaFl1Q3d1bXRockpyR1dleUlmUCt3Rzc1TjNwQ2VqRm9xSFhKdzNQVmhiazJCMjJ1cUNNTlEvSEQybCtpTjZxdWp5eHNPMi9WdWllb09LeTBZZk5jekRnYVFWUm1UbkZ3ZEZuK2lmSmJ3dFJFa3NxSFpEdmlKYURaSlZCYWF5RVo0Tit4ZU1mN3AvLy9lU0grTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 605047
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: test.takedwn.ws
URL: https://test.takedwn.ws/ping

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
friends.in.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7lchh8q3si0usltf1eolbtrrk5
franecki.net/	1970-01-20 10:02:06	Name: CM_redirector Value: 248ee93da
.friends.in.ua/	1970-01-20 17:28:30	Name: _ga Value: GA1.3.1554725003.1669950374
.friends.in.ua/	1970-01-20 07:53:56	Name: _gid Value: GA1.3.134330287.1669950374
.friends.in.ua/	1970-01-20 07:52:30	Name: _gat_gtag_UA_60815340_5 Value: 1
.friends.in.ua/	1970-01-20 07:52:30	Name: _gat Value: 1
friends.in.ua/	1970-01-20 08:02:35	Name: hideModal Value: true
franecki.net/	1970-01-20 10:02:06	Name: ADWUID Value: 42a0872bef3364e3484ecd91a6996b1e
.franecki.net/	1970-01-20 10:02:06	Name: ADWUID Value: 42a0872bef3364e3484ecd91a6996b1e
franecki.net/	1970-01-20 16:38:06	Name: CPOOL Value: 1
franecki.net/	1970-01-20 16:38:06	Name: BNR_109268 Value: 1670036774%7C1%7C1669950374
.friends.in.ua/	1970-01-20 17:14:06	Name: __gpi Value: UID=00000b8b5ac5fb55:T=1669950374:RT=1669950374:S=ALNI_MbxJSZ3jy7MqHMtT8EM71NmDmLQig
.aidata.io/	1970-01-20 17:28:30	Name: __upin Value: ERjBqPFO/Ml2WZymwihJGQ
.aidata.io/	1970-01-20 17:28:30	Name: __upints Value: 1669950374
.friends.in.ua/	1970-01-20 07:52:30	Name: _gat_gtag_UA_57015589_1 Value: 1
.friends.in.ua/	1970-01-20 16:38:06	Name: _ym_uid Value: 1669950375958593397
.friends.in.ua/	1970-01-20 16:38:06	Name: _ym_d Value: 1669950375
x01.aidata.io/	1970-01-20 07:56:49	Name: livin Value: 1
.mc.yandex.com/	1970-01-20 07:52:30	Name: sync_cookie_csrf Value: 3587626495fake
.mc.yandex.ru/	1970-01-20 07:52:30	Name: sync_cookie_csrf Value: 382828148fake
.friends.in.ua/	1970-01-20 07:53:42	Name: _ym_isad Value: 2
.adnxs.com/	1970-01-20 10:02:06	Name: uuid2 Value: 7992288424505389082
.doubleclick.net/	1970-01-20 17:14:06	Name: IDE Value: AHWqTUla29O5aeU9b_i8ERMFFrgRPmEHmn3kXb_FOQ4DkWLCcJVL-rxd0I9GQH_3ts8
.adnxs.com/	1970-01-20 10:02:06	Name: icu Value: ChgIx6J5EAoYBCAEKAQwqNelnAY4BEAESAQQqNelnAYYAw..
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1781913461669950376
.yandex.com/	1970-01-20 17:28:30	Name: i Value: 9T/n33qdhfz90xdZGJtGTtvuHWja6iTkQusIceglpyabhZ7gO4dqRjiGMmPsDxU2PsEm4mEZS/4N2xBVTupke2HsOtQ=
.yandex.com/	1970-01-20 16:38:06	Name: yandexuid Value: 1007775701669950376
.yandex.com/	1970-01-20 16:38:06	Name: yuidss Value: 1007775701669950376
.yandex.com/	1970-01-20 16:38:06	Name: ymex Value: 1701486376.yc.1669950376#1701486376.yrts.1669950376#1701486376.yrtsi.1669950376
.friends.in.ua/	1970-01-20 17:14:06	Name: __gads Value: ID=83058ef49f46dcc0-22fd419257b400aa:T=1669950374:S=ALNI_MZ6siQP5FEwI5JeE1PZ5Z2_7MZOTA
.connextra.com/	1970-01-20 16:38:06	Name: CxtId Value: 94124b51-5d9e-419d-8d30-e623882e0a72
.connextra.com/	1970-01-20 16:38:06	Name: FIFA Value: A%7Cpostimpression%7C1%7C202212020306%7C7%7CDDM_APN_SB_BRA_DE_300x600%7CDDM_SB_BRA_DE_FifaWorldCupNov2022_300x600%7C%7C%7CctD3Z44ZSwegj_ERqEBzDA
.criteo.com/	1970-01-20 17:14:06	Name: uid Value: 9daff02a-9343-4089-906b-ef1e2113ee7c
.friends.in.ua/	1970-01-20 17:14:06	Name: cto_bundle Value: 8Sfvol9XNTJrVWcwYnFoaTJHRUlCUkxBVGdtSyUyQm1uMzF1eSUyRkpHaUtNT3M2SUJYZGdQZDAwYlJXVjl3V3JkS05DV3hrc0dWJTJGbm9FOG9rdFJwQ3p3THJkUlVRVmx0OCUyRjZSRHVqY1hRcnBxd1B6JTJCN2RDMksyTzhRQkpFZVJLVzZJUUtvUiUyRlVQY0o3ZHhSQ0YyNktDcFplempsYkElM0QlM0Q
mediaintelligence.de/	1970-01-20 16:38:06	Name: trs Value: 63896bac1627363b82c8ecd9
mediaintelligence.de/	1970-01-20 16:38:06	Name: emid Value: 63896baf1627363b82c8ed61

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9839.7ikry0vRFE5rJIa5MWT26PYjy9YGZm_vnvS5smskfJkJSKirrPQBwq6R4ajc_-3qJy22jxG6MzvLMDIxp_EZRdbyldvVYfjsRq9lTVxdhOc%2C.9bgfeftB3fdppcT00XOGTeubTZo%2C Message: Failed to load resource: the server responded with a status of 400 ()
rendering	warning	URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=(Line 39) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=(Line 39) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=413212&ca=485&p=523-50003&av=99&pu=50003&as=4120&uv=63896bac1627363b82c8ecd9&id=(Line 39) Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.gsitrix.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad4m.at
adservice.google.com
adservice.google.de
ajax.googleapis.com
apps.sascdn.com
as.ad4m.at
aurabom.ru
bidder.criteo.com
cdn.adnxs.com
ced-ns.sascdn.com
connect.facebook.net
counter.yadro.ru
data.mediaintelligence.de
eus.rubiconproject.com
euw2.smartadserver.com
f273649fde4f53042c4e20b74d050e27.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
franecki.net
friends.in.ua
googleads.g.doubleclick.net
gum.criteo.com
hb.adpone.com
i.clean.gg
ib.adnxs.com
kodir2.github.io
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
mediaintelligence.de
mug.criteo.com
mxtads.com
pagead2.googlesyndication.com
partner.googleadservices.com
prebid-eu.creativecdn.com
prg.smartadserver.com
s1.adform.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
shb.richaudience.com
sholke.com
ssl.connextra.com
static.criteo.net
stats.myangular.life
sync.richaudience.com
test.takedwn.ws
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.megastock.ru
www8.smartadserver.com
x01.aidata.io
mc.yandex.ua
test.takedwn.ws
108.138.17.83
138.201.204.111
147.135.143.112
151.101.1.108
151.101.193.108
157.90.0.13
157.90.211.246
178.250.2.146
178.32.210.227
185.184.8.90
185.86.139.59
2.18.232.130
212.224.112.249
213.196.39.165
217.182.178.224
23.1.110.85
23.203.77.3
23.79.149.219
2606:4700:20::681a:b19
2606:4700:20::681a:bd1
2606:50c0:8002::153
2a00:1450:4001:801::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2004
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::3
2a02:26f0:3500:12::1730:17a3
2a02:26f0:3500:12::1730:17ba
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
34.95.69.49
37.157.2.238
37.157.6.234
37.252.171.22
37.252.173.215
46.105.200.240
69.173.144.139
85.195.93.95
88.212.201.204
89.108.120.76
89.149.200.234
91.227.52.186
91.240.20.7
0023baff164a533fc32865aff9bb900f86ef7ecda4627bd547997b14b9b3c2b8
00ac6ba4c7cd386ce2f692f45e7718b866bb00af4a14be2efab8e49a90b3df01
00caed03f7da2eca64c51bfcbe0d41e2cabe4a6f555b6b94b73386a6120367ae
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01b01d80c3c0f05522ac58c1636a160dedf14e6f60be326b5589f5c783c01654
01f460e02afed4fa122618a31212b246ecb7004961851dce17a42500dc4e0442
02a58acbc441082afffc279ae739aa8359c1e3b39ec18621647611b1e93809a4
0312e1f30bf4a79a90bead6d2cd681c2049e8a51d9e4a55249f21b2300da09c5
0462c90aa69c24ecb90cfb59024b71fb99c89c911432d5ad21c7cbf18ef7ea6e
06299529eb787787738a6d9db8bb6ea085b523d11da63d2d218a08ee4219490e
068f7a5fdfe9a914fe5b39aed0b11e2a54a02462dea2484184ea4ca0ea0178a6
0914444836fae2f430d7c42f27b07a536508197a35aa9e4c8294bc5f7978d08b
09fd4b3ee4c7076bbbda64f207e83829876b33b7fbb4a0638d102a0d6c1f3ba9
0a38062a76227e5634cd6420c2b870edc5d9e1f09a80f051127e830348c97e64
0ab672e8803f3066115faa22fd7df03f0f235e0276d7e0d220c71516170de8fe
0bb75f6e07ec4d6d4e3ae2039822690b7d71e52c0208b63e5f34529d975db744
0be21eecf298f76f0150a10f8197b1aa93fcb5ff114577aff0c6231e5c972e4e
0c24d5868a3003ccf924ab3d528967219e03d6c93d46da648dc7e15b7d0b005d
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c871245ef87d9515da7c1ee988827607b7f38acfeddc6af0a6f7799ee187eec
0caf2f9b5a4368c80a761076c051fe3d88ea575d140069f538643487bb6b42a5
0cbd829caf6481245426144a1f2d5d27ebc85834e6ce21a7d9feb53bd1cf1f71
0edd558409d8a1993fdccbf07c8e361aba03c8c70d920fce0f7f45c09656dd88
0f0393e1b6105f2e0fdee2b8805c1a45393453852f54ad88c60d1c2451f2a2e9
101967ae20b4ae6668c9417ecd33752510bbf2c7d3f50619f83b8a23c862262e
12dbd0e6de6f91fce74cfcb3eee8e3468c94ae49a0424b495f41fcbb5452d84a
13f8275cbf4e7c804ad0f9bff131ac159811afe0c5405e965b1b3c8c1f2de945
164331299d8714c825f8579119570c0281762fd67567e32cfa7e95cfa0516a22
1817c15871aa7e09f322db51285517ab8344467c21b0012a69c70accd5f69441
191f89ea7eacd2b0a10107c7f3eee4e35d43e53c33c3de37b68e527a3078943b
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19a504af35c5c86859ecc31d7c9851dfc96dfe7828484998fdfd544d45fe6add
19bcad5c32c05a87eeecac5ae6a3398dc2b3d2a0409a32f32c4824b4a0ca9459
1bd63a8052943e4648444083f347b8fa9454ed2cb907ff0f530b6c4b5de429df
1c2c88f68991733fff461bb5e7ec095a815cf73532d40227114d52b3072b0018
1cdfec4471965cdc07a0a4fff3c5d65c624d201dd2d30772d1fa40adff2d9e4e
1dd030e2797f617856d7eddb0af5a43b2de17251b4b5480305ea96078f8999bc
1e7e6b59a5b05255178c9b9acfc303fe2c35a16534e61076c8bfe37a16ec8e51
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d
1f497d7bd08c7267512137e490ef6d5e5bd7f722211df2b26d4e53779102cc2c
216d9fd8badd63ea3ea54b2f8f857b6c385f114669bb111fbe9abc364d5520f1
234f3d9ead3cd9d229f47bbc7829aec54325e0d32f0ac4845dc2caafdce2dafb
23c83e5555864a994bbfdff51901ff7da42c694568af8d38c3a96301b659a965
291dce3ebf338bc1153550e8f211a9c6d0260127bdc6f62f52fdedcf3a2637ca
2971bae205271275280c9a2a71dcd2cb604459ed6a9104b5df9bf400da564533
2979899ff0e0d7252b21e06101a094d9a1f26d738a4ef10b2b0d288144ca0444
29d5b5ce2e9dc4ac1b5a1c0b0a59171ca6f6a489766cf04f1709172b7db4dea9
3148b2bff9ff38f61cd17324a0b2401d8ebaff539f4cd5d2f044da868acbb42d
35a8ce2ea9e149966d40b4235a6db4f18f01ed04739f3ec53ef0a7297f6c1519
371bd1007ecc50fdb3474537fd2a65516483e547bd0a552e0c51770c5c4e5952
3994011b7f2475f47a23ddf0347d5ee7649380677a6b2113c74fa87cde5ca01f
39980b315eb62a1631c5f4016ab4b3e6cf632996def0434b91cec6077ec9bb64
3cfe699255ca2dd49006f5a200f4dd483032c30691c1a3dbc19b371af1b81571
3d49508dd0138a36ce38733bacb139489669212d365b7a2cf460d0b8c45bc2f4
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dd8af17c4b149f67ba80b4abbfb16778dac3b410b6c783fe98d4595e2552f7e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ef4992026593e0ea951ba520ff9eca88a7ea12712aca5daba6c181031ac6ab4
3f39147206a051246d91727ceaca78422a4b65e6732c8e2441e508bab1a5a812
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407326350975c0cba3da334676dab1778131da77cc5b85eeca66f7f87505fac1
407ab6cda49213e3f563632338251c4b87d9b79571dc2058bb0f2c845325532f
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e
425d14466d34dbb0acaa9cac644d5508c96124e36c0f233b365dff87a6e37874
42dfe980f39c2fa9c3305ff3651e283f7bc3d5fa70aae11eb43eb309b7b0b2a4
440c80877bb1610d47f3e3af0f19a0a04635209ee419c8cc58f265367e31c5c2
442284eabbe832cc0149146779708e568a120a7099e5c3b21fb73af61749b1d7
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
46663c08dc42f22f8418baf4c0046629db113c619713a4d8db2500bb575ce392
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46967c5357950663d5b99cea4a1646982f8cc90467f8d2fcd5d7c5e38d0f96dd
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
480e671f35917348ea232ffe01e2d759469f630f3b4045689e60d2edf69b63e0
4838d99caca263728bafafda941a3217c3a346ab04d316c64f40c8e2a5acdb8c
486cf8923081a57175e52763b3ecaf24fa6c3c2338770f3ae07064e5161865d9
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4f8c566f2cc5e60ddec29774fddf017646b0d814eb25c6132d89c5c7cebd4cc3
4fbdc876e2ca2d8a15da14df894f7e3beb94ad3f032e76e87ca4d9cf67d45e22
5348ec191818bec0f4d0d58f387d0e90b5deb79ced308c39ad7a60317cd95d5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ca6f74ffc244e6f6e9463db93c5fcb60cf249e8e5520b30205b1354da9ce3c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e2f3d548aafd379e1f399e702307f7e11eb04d8d93f1207ef3cd37690a288e
568d7d013e4ed656e5aaf5a307f05ccbf8c8d988475e881430c939822de1a88a
57747d0c58d8a960164c63f821b3132b813318f97d34fe74ed61ff679158ede4
590c9ddbc51f7ed2aa6f06fd9d4100194a40bb8dafae047df242c3b7886e2f73
5c3c5b8c4015ae50c8b6e0feab18c737d7440f5b3384cbb8e979f265b87e9667
5ce0bbe89a521f471b2e1dcac3dfde2fa5532200acc9d5d3c8a450f363a2c54e
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5db1fee4b5703808c48078a76768b155b421b210c0761cd6a5d223f4d99f1eaa
5f1a3a89f85d7d8fea248137111c5030e521d9efa3da80f95eaa2bf8ac3b6836
5fa11e5637a791ad848dc897de7de1bb1304446fd3c1514003fa0e9819119117
5fd74f661bff898e35a15ee20244a22c9f4f6517a01ad4f62e752f7b40e92e57
613e9bc8606361a83d5e6fd53c90fcb3386fc532b31955b2fca66730f7776636
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62298b3c0bebba797fe5720908a0e0dd1f83367e44403041cc0d992c2e722bc3
62a90d8e9e32738ac8556ab3ac318e8e4756d3439024901b0292adad1780a53c
64cc6d9db3528249fa7ad50508a34b0b744a4211e4520089c751803b380c347f
64d746754c5ba6667be8c7032aefad188f3020e04ae2d860633939e6681228be
66648bd12980a88b2e1a17e3772ecacf489072bc3183add3e48b21c1b7cbfe7f
6a31512c422cac068ecfe6d4d00ff74b777f47a3aafa62d5e2a1873033b33d0f
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6ae00a39afaf598a6448c8ace5d2fe1a55ba6ee259dd103ce7f95992b0bc0db8
6b5f93fcba0cae2cf7d63478302e219b922d252bca9925061e733d5494da52ac
6b64809d2582058d4a3c20246175017702c19cc81f133991440291cb5012d309
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c298c7796b872b6caa387178a0089923ed809b663bc5584601ec7c2182eb2bc
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6fa0a971b176457437c61793137feed7b69111a113edb6fdbd48f27426c59a36
701c28ef325fdff27112c37449bc456998da9ea1b1020cf980872bac5b5ff6dc
7299c1b4670f68075ab7f2ecd08613a203bfc6f09791fa04788978e0b4e91077
74ebb114f46025f4c0986580d59f9313b9d932abe8755aeddf35f6ecb3a01d2f
77b923d6fd76d50e9728f2786c10de9ab04d7853b863244de8f4f9ab612f8bd3
7b5391d445d99ff7cd6916b249736f15cbd748c861afe04854008a43e69fff5b
7d6dcba35ce9dc1f66fa87185f1886cd8ae8b236d2618fb28f65ba96479cd9bb
7e87fdd3002e9e43dbd6211bb81b7f4f4e04f42de94b008e167186810572d044
7eb67f2752cc00c01d096a432f38903fcd28e19546e54a8398b5c5a94a4c41b9
7f30c56164ded85349e3193721cddaa22a075dd267870abd0160fbde3ad0858f
8078f97416dbfbb2b24d6a2ae82d6130ace453db0199a80746dfac32ac1040b8
825190bc39f5380a2a05980aa17f0503dceaa0704081a20b97f43afb180ca5ed
82bfe3602a4316b1840cccabb274a15d6950519634165d6b4f550d43dc6b915e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833bf0ec37d8a8c48ee876d0eb3d4c140fa7436d272d693097f005606f288e66
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
846086949f69274c8dfec4c18760080f66fdf9cb7f1054ce53ff541020e7278e
84f9e55423a6e74d0fc05bdf28b1010e51fc3ce420d47a4a096a7e7a12dd4f75
855cf138941573cf3dd1daf6ea12a15122e115c9145d809c8e3556f73668e254
85c45cee9b4f8d8d287c0911094cdacc9cf64fbd1c7f163415d7b5706b61a1bc
85c94e325af24b4fbc965162e86e9a959215c97c6bf6e989e5484838b8f8dac0
887639a83275571d5df6e4e7024c7e69f86fbb47800f5e219f28ff96df9606ef
892a4805cd03f138c65c4536ec6563b09ed3c5b488fa4a44a995a17de22cefc0
892cb57a1eeb3e07a75462120d3b8429f2cf28d1f57aba1d7933395a9043bb7b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b28a6c0486f3ec6e7ce50318a8f548bac97f197586712ee6ecdabc18424d0dc
8b297024f28bf7c02f796c5c55280dd53fd0047fa2e52c9d8c315c6128edb295
8d4b9d561703235b44c824408370d4405e2c2c7ba7da310af7f40fc094da283e
8f20e91dbd741fe6d49dc2c0db08cff9aca01e9f07aecf8af3bb997167962daf
8f7e830ead0183c0cb0cb00ee80f0168123b5b233a5e24556692904127d3afe8
8fbef915c39b670da441a27a7ac28cfbd480a921ee6ec1ec0d325aec3d074914
8fef6c7728b57a1d5ab79290a1d0eeca78ddb972d5904917014ca8804f828f53
93e6639c3f07cb77467754907778fc49a74b1194368a93923c824ebec4d78298
94d7aa346974c2fb89458181777b05db520c81fefd53220dd124f064b08e6866
961ffeb4261664d4b8fb9cbdd65afa9290174e1045f1cdc8f193a3a3c31336ef
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
969206035dc158b1d13f2629e3eda2130c5ba6b58731171da22aa1faa489632e
999808e0c710f238290331d80dec5f1a2828dc0ec5b6e7fa52441b123ca2678d
99fa1a22eb84b8ab59977b633e35e1b88a5655b4085a92101b7c437a86106631
9a210f208afe7d94673898071f42e05c6040ae0d98aff80c0dd2770a18da62d7
9a320a9d03f0e5da1cba1723aa068858b57577592e75fa1d3d452cd20f9b112d
9a49365a0972e0978e6bb697a7f2f6916fcc47c6482b994b69e16122589964f8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9eb072d3bb656e5d9d661bc0f0a4bca93adf7e2d916cb7fcbdceb926010abdbb
9f1135eea206ef2621430b20c2115a12968a73188f27b8d8b8f20310a07e7a95
9f98178c172ee2c1b0a3f4c38d2b1e2bd51ea772fcdaf16c23bf5556183fd030
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1ef9c4b3b3adadf00ee533142b95ade92036859a9f4e58b4fc79a4c07aa4c77
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a35d3d9cee3477f8fd80add926065d2141d82dcc4a8155bbb55970023c21ce50
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a472ce20c2c4ab1907fedde9d44b4f0d09e295d22603d26bc392233ba4a4448a
a47f0acbfac22ba56e7f163f70ee3d00e7eed490969b683d6a5dbd7adaba1e10
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a57acc7776143c4260462075f7ee06df650c3ea5969900f63f1246b0fb76cff4
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a695b09d12dc140f99887cd23d333b5fdf0682b1f44557273a486d2c7c16aa72
a9f6b15742c22af02f9aa660127b7c551aa7b00682c2e1464ef60c64e8771d5d
ab508518c3900bd62b4db9267cba1c87b581fc79cf8344baccbe6c960543ee1b
ab8b6924619317a40378b8e6300d982eed7212151048bc43bd2f3706ca428621
abfcb01141c43c34a551f34901fe76e4f84dcfba3d998098142ad14264e3fc7d
ada010ff26dcf50d70711d8d9d35a597d1f7dbeec8d7972cd7c198f5f6176fc9
ae667f9c3a748739ea15139d817849bca484b29d00bdbdb3c5c6c318a87951b2
af38edd2b55598c29544e9fb87533f8e7881f1a1c3a6645564941689a97dcb09
af979fb22443f5e45d9e166bbc7a049202c7a8c7c9b5e5b0323a80a7d0e3bc16
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b147907747673ed17920d157551394a7b0f9825874bf09a5e6baf552e50c4a33
b1cfd3919b372790a78351ed88e8df02e241d2b8028f70ff7db4419f7dfad30f
b1eb7cf0cd5ad4c0546c148673cae8fd4a1bbb2c210893a975cf43e387d33867
b27dac1362a907e10e84987c6e2ba5f5fbb716f095bd646f85de1d1927750b3c
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92
b39089f86c5a91e4ace07afe8c1b939c3c4b4cd43e7d2c0c8f84fd3e244436d1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ad7371dfc345075752b74a0e82afcccf2b2d7df83dd9bdb911599c1a5b8f59
b501542cfbefe3c6690454ceeb1a625dce5d1dac9c075f79e5e31bded6cb1937
b6fa50ad4dd55c55cd90a64441a81c427cea26135af2327fcd89fbc06638b937
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b9132ab54c6e1bc9d6c1fd6b66b93c77894cda13b87cc8fdb3fabb1d4222ee0e
b9b55eda4118e5fda9876af796e33d19cbb2661da9e0594f2d7837039f0e0ac1
ba596ee2020ea5cd3eb5a6356a5604dedba161599b0d7b2001f0509f588733d3
ba6ad3d5f2e4f812f189159634422ef4595e1efecc67ac79f5bd484fba3e3a46
bab5ce7c7073c85f122783a4ea77abacb08645a251381852f584f39d17e172a7
be7fc75536eff1afeafe89c471e191c21cf4520180a0602be2255d95fec1d79e
bf9203363a52ecce705e13cea541d2cf2294533037365ea9d1e1545a1dce8652
c0b815b24999b9247906f92aab02a04b01e4b75fe75440c6466442a2db6f20e7
c0ec2f990fddecd9804e96e022c258e6ec3960a6d47144df58bcb83f0a3cbd7b
c1d4bc7179b223883c15ddaea521882d390854f534180881f542cc46d24b896b
c24bbcb3112da75415103f764163f3d510440abe4f3916e601ae6c1fa894eb4f
c26b8a70f92035adae17882779c83869226d7ab70ad3c55eaf366c165c744fc5
c2899b0932bdf27ca8d24ffefabe2892045f7dd8bcb3d45ba2c81f683578f308
c3a17655f21a096a023f55d4e720605b05dcda1501daaa7377f3b04772580bab
c3c6da7d2c1b3f54a0b6b70e706fddd7fac5dcebb28dc4b4b3eaef6d1f8d3637
c4a69f5f1de2dcf7fc9834dbc5d95701623e89ca25702dd981af33ebd7a3ef97
c56e7a5a0d46c97aad190fb2b2b8e1fbcd19a24ca7bf87fa7bc1a173f3c48617
c6002842e5f7cd5d7898ccd55452049240e2014e283191fb63770bfe3ec49973
c8e415f1f00ee16b5a176e75036c9f9630f1ac4e07c5ec4b2ceb1dd22aba9506
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9ce265ce2b48d817939e2bf23231279055d2ca8943fc89d0e95adac38ef27e6
ca706f7070b55f04ad7e61bcd28ddf780ca341464cd42a329400101f0b01e423
caecfb958ef1a9571585c051bf22deab7f719c629b3b604a160cb8a18903a03e
cc061536cf4e44b82f18a0e541811bf0a705af2b944ac68feea812965c603b09
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
cee490fdb12f5a7b47e3c3cb6c07082dbb80d36bac565762799456fde264424d
cf7831c6f7020ad1fe08bcd7ebc754fce36b9d583df02795c71f3b0d28040dbf
d0e641dde8d7e6695dd34925b9777784c31994054729a217a358c7aafd407151
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1a6f1a3318a1a4bee3b13bd4c93c229915b58b75c5a7ffad4e54636c2632859
d541aa62c506c4ff9167e15f7c9e9e967b1bdf8f92118237ad55a6a3864f67a9
d61211db4c5b6571434938770721be10d58117857a195414b23d401bdd403ece
d73872fea47ecf9e7c96d60a36585037efd6e66e2ecf39e8a4b697a7d64fc14a
d83c8c684c71b22436e90b2de30f4346a6691d1a40e93a19285864ee5725108a
d9f7eb7abd8c938bdd86975d382911f93580a1a4622b2b816fb920f93e9a66ee
db4a2b60b546fb7631a59b8e6edcab335bd6de1f6bf23ca42c21da40564bd085
dbf4d7abfc0934fa3c0e37a2c5136d3fa428fd4be4c9502d68eb04def3db9bd0
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
defd1ddb5e6e34159db098e3821f303578bb67764367d9477f2b1dc58906e944
e1c6d8e452ac4e0808066929a74847d9e7b269da9100a2f9add5495c60620d9c
e25b1807f6285a992305a2a993e7894c56c8864b20d7627f8956c454a8a84824
e379a2d041fb3a6209377c16290698752facddde5ddf527a75dc8a56afd4a82e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f92a27f7ad39ce1008cfaab2cb20ff2cc79314cd0fbc94952741e35d32a373
e9d04b52142cb63af955d167a62bc412e280b01a17648994aa4b838e0c979c52
eb11aba293f137cd39bf466b01f8de4105d0e5bed6f2ff34d6281a15c6de9188
ec2647bc2820df7d8d20d1b41c2e28654947a92bf62d1d747284a0ad315b6580
ec745d98e0660fe0fc5ccbf5b66d7cb9381b708f5276b1d133a613f085e21ec3
ec7c7704dff96cefde09d463320858879f5d02567828c3e3c1480527cd23f012
ece1396d2793d15de84e18a6a5527b7e52bf44bc6e56901e7e5e35d5093b8a0c
ed4a6bfc2ee3e531be78b7330cbdbf23b564fa5144975bca472d60c3b03212b3
ed7650d92891f78ed522c5551444dd32ee65d9abc9da25d3b2a3ec079e2bae3c
ee8c7a171fae56ccd6fa2c4795beeca609c1845bc5d70cc77c9040be096abbbc
eef1e87a90a2a3a05465a552f948571869322806a434af522b5392bc94ba57b5
ef873eff64fdbf3aad9ff01b9c6769486adb6f8a6913b7798158d206a2c71da9
efa59a5506e919f719482da4bbc9f71a039e56be2642d27662edba7759bd1ce0
f0890052c64e6ebeb30ce1522f4b4255ec1e28acd020f57ed371134d4cf06801
f252dbd82ab06b1186225d8814613c9d34c7d2d22c435034c35a0b9b5f274e40
f4d6fa15792bf2316634e30547b58982f70779af811f4f4612d78d4af4525a3d
f51da656e75209593e6e829ac4939ff91d105abf0bae88be7fc8fad921342bfe
f60dae7119e9a426e1d780c4975d6bcc5a86ee60638a8bd0588324ed29905438
f66ff6eeb1deb5c8dfe3f5f35e6632398ca41245519b40394cb585404ee201d1
f800e06dd0a06d26695ce311bdd13904916ae3e280481842cb5ffec4ddccc9a5
f83aba329a813f09369e5835393cf80f17235983b5933dcd51b8a8f3d95aac73
f9d4b9988ba256c2bd4b37ca52857f847e68d79f17493869897579d4a982e433
fa8d0f708854fa8176787962412fd62da9f35b52e2df11209f5fd946663ce895
faa69d639d56fc49b0d21c556a95ba925a57fed658c13af51a9706cd525e79c5
fb335728f8fce433087e47181a2037351faf9ecaafbb13e827cd4df8a691a84e
fbf57c32e5ca6f599320b99c079cbf1a33a5d0eecccb14be414e46d7f8792df8
fdd997b8d0a45a366bafcb635743428f7cfcf77f031f6a89fc5c8b190169b8d6
fe2e009b0d02a78386e6b6b748f569a7dc01195f99e3989493527ad15239d082

friends.in.ua Open in urlscan Pro 91.240.20.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

774 Requests

97 %HTTPS

43 %IPv6

40 Domains

59 Subdomains

53 IPs

7 Countries

9947 kBTransfer

20710 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

774 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

friends.in.ua Open in urlscan Pro
91.240.20.7 Public Scan

Screenshot
Live screenshot

Full Image

774
Requests

97 %
HTTPS

43 %
IPv6

40
Domains

59
Subdomains

53
IPs

7
Countries

9947 kB
Transfer

20710 kB
Size

36
Cookies

774 HTTP transactions
1 data transactions