stud.com.ua Open in urlscan Pro
5.45.72.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stud.com.ua/
Effective URL:
https://stud.com.ua/
Submission: On November 20 via api (November 20th 2022, 2:49:47 am UTC) from GB — Scanned from GB

Summary HTTP 375 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 81 IPs in 15 countries across 87 domains to perform 375 HTTP transactions. The main IP is 5.45.72.163, located in Dronten, Netherlands and belongs to SCALAXY-AS, NL. The main domain is stud.com.ua.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.

This is the only time stud.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	5.45.72.163 5.45.72.163	58061 (SCALAXY-AS) (SCALAXY-AS)
19	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	5.45.73.237 5.45.73.237	58061 (SCALAXY-AS) (SCALAXY-AS)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
19	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	188.42.189.231 188.42.189.231	7979 (SERVERS-COM) (SERVERS-COM)
37	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1 7	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 4	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	18.158.77.24 18.158.77.24	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
2	62.149.1.122 62.149.1.122	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
33	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
36	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 4	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
4 19	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
5 5	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6 7	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 6	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
3 5	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
3	18.133.151.109 18.133.151.109	16509 (AMAZON-02) (AMAZON-02)
1	144.76.87.156 144.76.87.156	24940 (HETZNER-AS) (HETZNER-AS)
2	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
3	13.32.121.66 13.32.121.66	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10 11	3.66.124.166 3.66.124.166	16509 (AMAZON-02) (AMAZON-02)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	178.63.43.235 178.63.43.235	24940 (HETZNER-AS) (HETZNER-AS)
2 2	194.190.76.45 194.190.76.45	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	151.236.118.146 151.236.118.146	204720 (CDNETWORKS) (CDNETWORKS)
6	3.11.224.13 3.11.224.13	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2 2	213.155.156.164 213.155.156.164	1299 (TWELVE99 ...) (TWELVE99 Arelion)
6	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
11	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.95.126.138 52.95.126.138	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	54.195.228.204 54.195.228.204	16509 (AMAZON-02) (AMAZON-02)
1 1	54.243.58.43 54.243.58.43	14618 (AMAZON-AES) (AMAZON-AES)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.161.54.172 5.161.54.172	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	141.94.242.204 141.94.242.204	16276 (OVH) (OVH)
2 2	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2 2	54.77.35.234 54.77.35.234	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.54.93 52.57.54.93	16509 (AMAZON-02) (AMAZON-02)
3	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.68.39.188 51.68.39.188	16276 (OVH) (OVH)
1	2a05:d018:d29... 2a05:d018:d29:3602:574e:c78f:197:6bf7	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	() ()
1 1	23.1.110.85 23.1.110.85	() ()
2	104.109.78.125 104.109.78.125	() ()
1	69.173.144.165 69.173.144.165	() ()
375	81

13 5.45.72.163 (Dronten, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, NL)
PTR: mx.ebrary.net

stud.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.45.73.237 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: mx.studlancer.net

studlancer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.189.231 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 146.0.227.109 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.77.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-77-24.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.197.123 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.182.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.212.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.246.169.24 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.115 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.154.237 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.133.151.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.87.156 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.87.76.144.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-66.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.66.124.166 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-124-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.43.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.43.63.178.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.45 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.118.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.11.224.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.28 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.164 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.126.138 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.195.228.204 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-228-204.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.58.43 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-58-43.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.161.54.172 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.172.54.161.5.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.242.204 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.215 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.35.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-234.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.54.93 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-54-93.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.64 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:574e:c78f:197:6bf7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.82 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Frankfurt am Main, Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.1.110.85 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com	558 KB
52	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 ad.doubleclick.net — Cisco Umbrella Rank: 173	427 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28280 ad4m.at — Cisco Umbrella Rank: 9541 assets.ad4m.at — Cisco Umbrella Rank: 36321	2 MB
42	yahoo.com 4 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1118 ups.analytics.yahoo.com — Cisco Umbrella Rank: 280 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416	5 KB
30	pubmatic.com 6 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449 image6.pubmatic.com — Cisco Umbrella Rank: 662 ads.pubmatic.com — Cisco Umbrella Rank: 458 image2.pubmatic.com — Cisco Umbrella Rank: 882 simage2.pubmatic.com — Cisco Umbrella Rank: 671 image4.pubmatic.com — Cisco Umbrella Rank: 822 simage4.pubmatic.com	48 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	326 KB
13	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 6186 ghb.adtelligent.com — Cisco Umbrella Rank: 6055 ghb1.adtelligent.com — Cisco Umbrella Rank: 7046 ghb2.adtelligent.com — Cisco Umbrella Rank: 9463 sync.adtelligent.com — Cisco Umbrella Rank: 4017	140 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	4 KB
13	stud.com.ua 1 redirects stud.com.ua	327 KB
12	bidswitch.net 10 redirects grid.bidswitch.net — Cisco Umbrella Rank: 899 x.bidswitch.net — Cisco Umbrella Rank: 281	4 KB
9	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2481 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 253133 cdn.admixer.net — Cisco Umbrella Rank: 46950	91 KB
8	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 17892 api.webgains.io — Cisco Umbrella Rank: 57986	63 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	96 KB
7	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307 secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	13 KB
7	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1902 cache.betweendigital.com — Cisco Umbrella Rank: 18426	5 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	5 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097 static-de.ad4mat.net — Cisco Umbrella Rank: 135123	11 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	284 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 691 gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725 dis.criteo.com — Cisco Umbrella Rank: 631	2 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209 acdn.adnxs.com — Cisco Umbrella Rank: 579 secure.adnxs.com — Cisco Umbrella Rank: 426	39 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 582	2 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15574	3 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1487	3 KB
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 615	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
4	googleapis.com chart.googleapis.com — Cisco Umbrella Rank: 21033 fonts.googleapis.com — Cisco Umbrella Rank: 43	4 KB
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 3348	2 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13081 pixel.onaudience.com — Cisco Umbrella Rank: 3206	1 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	793 B
3	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 465	2 KB
3	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 57421	27 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 45190	6 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	620 B
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 599	1018 B
2	yandex.ru 1 redirects an.yandex.ru	666 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 14868	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4467	748 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 559	946 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 693	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 714	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 519	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 745 s.tribalfusion.com — Cisco Umbrella Rank: 1840	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 533	744 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 915	2 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 446	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4495	562 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 15974	825 B
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 74155	685 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73310	442 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 623	57 KB
2	adpartner.pro 2 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 8982	517 B
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 723	358 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	studlancer.net studlancer.net	100 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 3659	465 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1949	534 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 708	518 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3009	104 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 2774	526 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 752	610 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 16063	367 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5822	279 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 6159
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 840
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 665	613 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1442	524 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16082	70 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 480	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 479	621 B
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 89682	939 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 85917	517 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 62594	638 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 19106	699 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 106057	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80510	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1472	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 621	763 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 339	140 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6054	174 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 6153	403 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	699 B
1	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 30205	97 KB
1	google.com.ua 1 redirects www.google.com.ua — Cisco Umbrella Rank: 20905	325 B
0	tns-counter.ru Failed www.tns-counter.ru Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
375	87

	Domain	Requested by
37	c2shb.ssp.yahoo.com	player.adtcdn.com
33	tpc.googlesyndication.com	googleads.g.doubleclick.net stud.com.ua a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
19	cm.g.doubleclick.net	4 redirects a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com stud.com.ua
19	securepubads.g.doubleclick.net	stud.com.ua securepubads.g.doubleclick.net cdn.admixer.net www.googletagservices.com
19	pagead2.googlesyndication.com	stud.com.ua pagead2.googlesyndication.com a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
18	assets.ad4m.at	as.ad4m.at
15	cdn.ampproject.org	securepubads.g.doubleclick.net
13	stud.com.ua	1 redirects stud.com.ua
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	stud.com.ua a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com as.ad4m.at ad4m.at
11	simage2.pubmatic.com	ads.pubmatic.com
11	x.bidswitch.net	10 redirects stud.com.ua
8	www.google.com	1 redirects stud.com.ua a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net stud.com.ua
7	image6.pubmatic.com	6 redirects ads.pubmatic.com
6	image2.pubmatic.com	ads.pubmatic.com
6	api.webgains.io	analytics.webgains.io
6	ad.doubleclick.net	6 redirects
6	ssum-sec.casalemedia.com	6 redirects
6	www.googletagservices.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net stud.com.ua a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
6	ads.betweendigital.com	player.adtcdn.com ads.betweendigital.com stud.com.ua
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
5	adservice.google.com	stud.com.ua pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ups.analytics.yahoo.com	4 redirects
4	www.awin1.com	2 redirects as.ad4m.at
4	e.dlx.addthis.com	4 redirects
4	cms.quantserve.com	1 redirects a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	1 redirects player.adtcdn.com acdn.adnxs.com
4	inv-nets.admixer.net	1 redirects player.adtcdn.com cdn.admixer.net
4	a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	player.adtelligent.com	stud.com.ua player.adtelligent.com player.adtcdn.com
4	www.gstatic.com	stud.com.ua googleads.g.doubleclick.net
3	sync.bumlam.com	3 redirects
3	match.adsrvr.org	ads.pubmatic.com
3	match.prod.bidr.io	2 redirects ads.pubmatic.com
3	cdn.track.production.webgains.team	as.ad4m.at
3	track.webgains.com	as.ad4m.at
3	static-de.ad4mat.net	as.ad4m.at
3	pixel.rubiconproject.com	3 redirects
3	rtb.openx.net	a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
3	prod-rtb.ad4mat.net	stud.com.ua
3	prebid-inv-eu.admixer.net	securepubads.g.doubleclick.net cdn.admixer.net
3	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
3	ap.lijit.com	player.adtcdn.com stud.com.ua
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	an.yandex.ru	1 redirects stud.com.ua
2	x01.aidata.io	2 redirects
2	pool.admedo.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-eu.onaudience.com	2 redirects
2	sync.1rx.io	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	px.adhigh.net	2 redirects
2	ads.pubmatic.com	player.adtcdn.com ads.pubmatic.com
2	mug.criteo.com	stud.com.ua
2	gum.criteo.com	1 redirects
2	analytics.webgains.io	track.webgains.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	cdn.admixer.net	prebid-inv-eu.admixer.net
2	sync.adtelligent.com	stud.com.ua
2	a4p.adpartner.pro	2 redirects
2	onetag-sys.com	player.adtcdn.com
2	www.google-analytics.com	stud.com.ua www.google-analytics.com
2	studlancer.net	stud.com.ua
1	token.rubiconproject.com	eus.rubiconproject.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	secure-assets.rubiconproject.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	dsp.nrich.ai	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	green.erne.co	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	matching.truffle.bid	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	csync.loopme.me	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	cache.betweendigital.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	stags.bluekai.com	1 redirects
1	acdn.adnxs.com	player.adtcdn.com
1	id5-sync.com	player.adtcdn.com
1	tm.simptrack.com	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ag.innovid.com	a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
1	odr.mookie1.com	a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	eb2.3lift.com	player.adtelligent.com
1	grid.bidswitch.net	player.adtcdn.com
1	bidder.criteo.com	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	ghb2.adtelligent.com	player.adtcdn.com
1	ghb1.adtelligent.com	player.adtcdn.com
1	s.seedtag.com	player.adtcdn.com
1	hbopenbid.pubmatic.com	player.adtcdn.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	player.adtcdn.com	stud.com.ua
1	www.google.com.ua	1 redirects
1	chart.googleapis.com	stud.com.ua
0	www.tns-counter.ru Failed	stud.com.ua
0	googlecm.hit.gemius.pl Failed	a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
0	cs.admanmedia.com Failed	player.adtelligent.com
375	126

This site contains links to these domains. Also see Links.

Domain
studlancer.net
bank.gov.ua

Subject Issuer	Validity	Valid
stud.com.ua R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
studlancer.net R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
player.adtelligent.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-28` - `2023-04-28`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
simptrack.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
truffle.bid R3	`2022-10-03` - `2023-01-01`	3 months	crt.sh
*.iprom.net R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh

This page contains 58 frames:

Primary Page: https://stud.com.ua/
Frame ID: 2FAF82F47A5004B9F823CE6D5B7B8EF5
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: F8DF79AA96F90966BF738920AC9815B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9237573666471195&output=html&adk=1812271804&adf=3025194257&lmt=1668855603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fstud.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580232&bpp=4&bdt=371&idt=332&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=351
Frame ID: B4ABC76E1FAB11535CCDBE4FC58D17F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1668855603&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580311&bpp=18&bdt=449&idt=275&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=X6nhPleLZa&p=https%3A//stud.com.ua&dtd=280
Frame ID: 94099A60A7F2CC313F857534F3AC953B
Requests: 12 HTTP requests in this frame

Frame: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 80F73E97AE82669A058E34F4F064200F
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
Frame ID: AD9A4037973C916CF3D1BE0560452DF2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Frame ID: 3610F8043B8B3DFCCF29FB87EA3BDC0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3BF8DF7B61521B57F65D51B535537854
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5z0a6z9IPm36jkjL2GkIv3nR1aY6mY0KjsuMZOA2STx18wMPcwh0OjiyDhGN79W-xeavRD9iwkcafQpOu2tRGhhDAiiofgg6ce0YGyDT5hdCcdJT8lbhBJpJ7zgYuBNp0kJouVOXOeZcSkGsoNeKX4E31uq7OaI14MsAF_orMGOJBb5A5ntbeTaEigBBuBvr8Uy5UpsKGHxjgT4oAJttDa3rcAA_6a8BAiSlq98bhbhuoHUn97aajfuSZ6WD0WVPwsepCi-rGuu8ZPCbtgz476-mtwrLRtfrE_TkzlZkNVrA1Qy2eYs6i-QLBKLU9&sai=AMfl-YRtJX9rsRScrBlanJIlyy5Dx1DyiY4cEKmwL-eOvAg9axS6BnDQV376Dr6t_3F8radZeeT9F0O0tXzuuDEGL6cTVKns6CkEI-W_RV286KbFWeBfRPEZAXyZjrNNM8fv_w&sig=Cg0ArKJSzPX4QqKam92MEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B9FC23DBCFBDD5F5DE54B5EAD9A80483
Requests: 21 HTTP requests in this frame

Frame: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84FAAACB8D72C54CD0B23BF7798A053A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: FFBC3FC690967B40BED7A70F89BA4881
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 3D9E75C9036CE63D6E4D4B2EB22EDA1F
Requests: 12 HTTP requests in this frame

Frame: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E9021293ACBACAE8EDC9945A1B331A6
Requests: 10 HTTP requests in this frame

Frame: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A8784B5391C9F1A49121DF5339D5C09
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 5CF68ADA7473700FB6694A14F18AC9F8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIV8NxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5a1M332_wgYTz9-XrvhE7G8dAC68cPMl_u4sqxRZKJBOnPjFqcV2A4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGOOCdg&sigh=2F38AqZENks&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM
Frame ID: F42D4863A7DFF905570B519FE2F823E0
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D
Frame ID: D004DD3E435A3757FB4EB3EDDEDE04BC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DEB443EE2BE30A38BD1F7CD319FF615
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D
Frame ID: ED1482423153F4A7B6417CB49BD75273
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05D2BBB4D552AFAB16BF583F9D698948
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D
Frame ID: B14D221BD1CC5CD7CBAC044300F0CDBE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9A7657AC3E8B09D52875E79DFA5215C
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C90FB702F39BF69689236165E01F0F7C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 89A70135E4D3261C94E0E90CBE1095B5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7BC022452D477364E19A47C2F33E0F84
Requests: 1 HTTP requests in this frame

Frame: https://63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4E3C4113B2B3701AF80F8B64A13F86BE
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Frame ID: 13D9856336F7F69EA94B5E381244B011
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Frame ID: E581DE611ACE00DFABB5B20EE17235BB
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Frame ID: 4844B44F198806A32AA79294CF0C6EF8
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CC992533331B7147CB3112AFF19941B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AEF4399006C6C6755549B3FC186256E
Requests: 2 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 0B7C69D65CEE50063AD1431F47AD1076
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 0D77FF9CFA22A1CBA54374B6C1F79E74
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 683CF1FD929F29D875B526C0AB34C634
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: 6CA8873A3FCF9BAB0C64DBAF41BA74F6
Requests: 19 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13459965
Frame ID: 726BD1758A83C26C3D747392C58221B7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1668912581037&gdpr=0
Frame ID: 909842A031391EBBE8389F9DB351713B
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 5E9DAB61F891778A8332F8D89ECE5A1E
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9652bf11-dbc1-5244-b63f-f1cdd5466408&CACHEBUSTER=88197
Frame ID: CD136FA44BC51FE1E7133786BD3B4144
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=
Frame ID: 129E7410B07DA9461CD69424A2DA6E30
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5948669038099671985
Frame ID: 72A50419C2659E7CCBB8FEDD4684DC67
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f59f6379-95c8-4400-ac47-61a9064532f6&gdpr=0&gdpr_consent=
Frame ID: 29DC9E6ACB76ED088925E9F5D66FECDE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 06F73316E009A1E74A951D2ACCD24A9B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: BF0E70FC28792E2FF6A0029A79BBB210
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6908932938425473278&gdpr=0&gdpr_consent=
Frame ID: 970F7474E85BEFC020F51F4B0EFC5BA6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz
Frame ID: 34FEAD224141AB670626A1658EFF4AB6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167924968180611211&gdpr=0&gdpr_consent=
Frame ID: E0C70DA5BC4EAF54E4A29F960AD303F3
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 039D0D8BE948DC640C209C7CC2DBE742
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DI4zSDP_Q2Rz-4PN7vrnOVLHgiY
Frame ID: E1208619F489E83953D7EFCE2CACEF4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3mVyAAAAT_zlQAO&gdpr=0&gdpr_consent=&_test=Y3mVyAAAAT_zlQAO
Frame ID: BDD870B136AD3B75AC0CCAAB259E0452
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: D044679AD713EE69E0642883E6FF6FC2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B48E6C414CE8339655F8AC577DC47242
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 7AB775B3165D8A562B0FDE337321908A
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 0118FBF4FFF1AA7DB4CB5BD60D847432
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4263734806
Frame ID: 736360055DD22C9DC5435755C971D613
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQXaRjUTMSVaXVVb
Frame ID: 15DD10A7039B12290EA4979229F61C88
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w4pbqrbn1OWAoV5&gdpr=0&gdpr_consent=
Frame ID: 4F9F80D83BC433733280E889AA136D95
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: C126F555A53527D276A665A0DD88B372
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Підручники для студентів онлайн

Page URL History Show full URLs

http://stud.com.ua/ HTTP 301
https://stud.com.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

375
Requests

89 %
HTTPS

31 %
IPv6

87
Domains

126
Subdomains

81
IPs

15
Countries

4576 kB
Transfer

9594 kB
Size

131
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://studlancer.net/index.php?utm_source=studua&utm_medium=banner&utm_content=left_slide&utm_campaign=order#order

Search URL Search Domain Scan URL

URL: https://bank.gov.ua/ua/about/support-the-armed-forces

Search URL Search Domain Scan URL

URL: http://studlancer.net/
Title: by Studlancer

Search URL Search Domain Scan URL

URL: https://studlancer.net/ua/role/
Title: політикою обробки персональних даних

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stud.com.ua/ HTTP 301
https://stud.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=uk HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 93

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56

Request Chain 190

https://d.agkn.com/pixel/2175/?google_gid=CAESEDjiXXE3tx-fneOnZEPBvuA&google_cver=1&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF&google_hm=Q0FFU0VEamlYWEUzdHgtZm5lT25aRVBCdnVB

Request Chain 191

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8Oh0hsYEfF71XUkbuZOlMRNRxxYWQSbq&google_gid=CAESEFqMIbbWHQKlWnaDpnMThzo&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8Oh0hsYEfF71XUkbuZOlMRNRxxYWQSbq&google_gid=CAESEFqMIbbWHQKlWnaDpnMThzo&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAxMjMzMjMxMzQ1MA%3D%3D&google_push=ASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8Oh0hsYEfF71XUkbuZOlMRNRxxYWQSbq

Request Chain 193

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FbMD6J7AumreHph7Ddvrp4NEx7Swl483ml6g4IyzoYmReqgAhymhqOyRH4eAWtWCXS7nKzQgkP1wZPVg2Oqi5BszK4_iBnu HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FbMD6J7AumreHph7Ddvrp4NEx7Swl483ml6g4IyzoYmReqgAhymhqOyRH4eAWtWCXS7nKzQgkP1wZPVg2Oqi5BszK4_iBnu&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FW5FqJLT7Sr-4YVB_mOkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbMD6J7AumreHph7Ddvrp4NEx7Swl483ml6g4IyzoYmReqgAhymhqOyRH4eAWtWCXS7nKzQgkP1wZPVg2Oqi5BszK4_iBnu

Request Chain 194

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksNTwToaBvtjDLz7sF7JOh3SHmch HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNU4tMjItSkRPSw==&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksNTwToaBvtjDLz7sF7JOh3SHmch

Request Chain 195

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt9IoFuyfrcUD7FsgZS1IyFMoR_eK4sMT2eYj0GXf-LoAcGXsVTJX2cbEP8C9Zlf- HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt9IoFuyfrcUD7FsgZS1IyFMoR_eK4sMT2eYj0GXf-LoAcGXsVTJX2cbEP8C9Zlf-&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt9IoFuyfrcUD7FsgZS1IyFMoR_eK4sMT2eYj0GXf-LoAcGXsVTJX2cbEP8C9Zlf-

Request Chain 207

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FaTGcjgAEJHhnuc9yoA-hEEXhJ9Cp-XCrBEoBUrwb5tt1mojNpbFMbOITlIvxxlWl5lVmKA204id9huwX27VQvS_4SSg1c HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FaTGcjgAEJHhnuc9yoA-hEEXhJ9Cp-XCrBEoBUrwb5tt1mojNpbFMbOITlIvxxlWl5lVmKA204id9huwX27VQvS_4SSg1c&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GZMItyK5RCCVrd1-IQjMLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaTGcjgAEJHhnuc9yoA-hEEXhJ9Cp-XCrBEoBUrwb5tt1mojNpbFMbOITlIvxxlWl5lVmKA204id9huwX27VQvS_4SSg1c

Request Chain 208

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMKyfdgtmnpurm3OQq2MrHSAio8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzQtMVUtNk1TOA==&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMKyfdgtmnpurm3OQq2MrHSAio8

Request Chain 209

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1bYZHRnQpxhOd_GROrRqBEShE4ySTOcqF329NOOYG0xIbUruFOXNjVtJbbSQnI0o HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1bYZHRnQpxhOd_GROrRqBEShE4ySTOcqF329NOOYG0xIbUruFOXNjVtJbbSQnI0o&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1bYZHRnQpxhOd_GROrRqBEShE4ySTOcqF329NOOYG0xIbUruFOXNjVtJbbSQnI0o

Request Chain 214

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpidQ3E-336tSHwqiBipI4Tsm1WEtzQwl&google_gid=CAESEFqMIbbWHQKlWnaDpnMThzo&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpidQ3E-336tSHwqiBipI4Tsm1WEtzQwl&google_gid=CAESEFqMIbbWHQKlWnaDpnMThzo&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAzOTUwODU2Njc3Nw%3D%3D&google_push=ASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpidQ3E-336tSHwqiBipI4Tsm1WEtzQwl

Request Chain 216

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FYFe13VMdMKUD-fojL9oUYzDVh-TZMh4fbHOJLMK9GqoyZZAHsDbC7E7Y1dL3pzh45-c6cqkoQFHRR_vJQY_nZWOZyIM6Lz HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKZjxnTHBa6efOA6d5lCRGk&google_cver=1&google_push=ASkJ3FYFe13VMdMKUD-fojL9oUYzDVh-TZMh4fbHOJLMK9GqoyZZAHsDbC7E7Y1dL3pzh45-c6cqkoQFHRR_vJQY_nZWOZyIM6Lz&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYFe13VMdMKUD-fojL9oUYzDVh-TZMh4fbHOJLMK9GqoyZZAHsDbC7E7Y1dL3pzh45-c6cqkoQFHRR_vJQY_nZWOZyIM6Lz

Request Chain 217

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtAg9EQa1mF-tUAHOwbXIx1Ojeaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzUtWi0xUzhK&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtAg9EQa1mF-tUAHOwbXIx1Ojeaw

Request Chain 218

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7NEP1lK8hG8PxbZtAsUq2fWx2KtJaL4q8KBET4JXT8Gs-fteX5aUlI8IX9NKoUZ8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7NEP1lK8hG8PxbZtAsUq2fWx2KtJaL4q8KBET4JXT8Gs-fteX5aUlI8IX9NKoUZ8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7NEP1lK8hG8PxbZtAsUq2fWx2KtJaL4q8KBET4JXT8Gs-fteX5aUlI8IX9NKoUZ8

Request Chain 223

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 255

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKfYsu3fu_sCFVnsEQgdbK8Oyw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218

Request Chain 258

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMfXsu3fu_sCFdR64AodQmkN8g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112003494378703702137X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 261

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=fc442b00-687d-11ed-bfbc-22342ff4a6f7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1668912583_fc442b00-687d-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 275

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIKYs-3fu_sCFRjBEQgdtiIIHQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668912583_fc712e70-687d-11ed-adce-2234a4c513ba

Request Chain 317

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=badk4Xw3SGtZcmhPYWZEZHkvU3FiTUc5YzgxbjF6M2hrcDRsbE84RXpzVGRER3haaGdjTEo3VjdpWGxrcGRXSWFhVk13WlhDMC8wZHAvcDBFMEh5QVlSdjJONENSMTY5OS9LMndScXVFZG1BbU5Ncjhubyt1VDhRMEpvcVowdkdERUlxZ3BIME9iNW5MMVFkYmVkdlgzdUNreWt3SFZBbHdPRUFIUzlway9UdzhmYjZtaENXbG1hS3pkQ2N2Z0JUbnozV0N3VFhldHVrL016d0xUd2VrV1laRGI3ZnVBK01qN2E4djk3K2xKTVRjbkZnPXw&cppv=2

Request Chain 324

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56

Request Chain 325

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0 HTTP 302
https://stags.bluekai.com/site/92145?id=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=

Request Chain 326

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3D6e3c42f1-2e98-45e8-ac41-3bb51ac6257f%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=ff1d34b81fb14484add670617e083d36&ssp=between&bsw_param=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb

Request Chain 327

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1Wd0loeE1oRTJ1RUhqbTZLdkVlb3haMGRwM3AuMXp6Z0thRnpsT1UtfkE%3D&gdpr=0&gdpr_consent=

Request Chain 329

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5kUwGCQNAZF.AikABlGEkvEY1w

Request Chain 340

https://c1.adform.net/serving/cookie/match?party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=

Request Chain 341

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5948669038099671985

Request Chain 342

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f59f6379-95c8-4400-ac47-61a9064532f6&gdpr=0&gdpr_consent=

Request Chain 344

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 345

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6908932938425473278&gdpr=0&gdpr_consent=

Request Chain 346

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz

Request Chain 347

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167924968180611211&gdpr=0&gdpr_consent=

Request Chain 348

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLb3JFN0c4eXdBQUNFRmh0MWs1UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 349

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DI4zSDP_Q2Rz-4PN7vrnOVLHgiY

Request Chain 350

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y3mVyAAAAT_zlQAO HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3mVyAAAAT_zlQAO&gdpr=0&gdpr_consent=&_test=Y3mVyAAAAT_zlQAO

Request Chain 352

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 355

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1668912584962 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4263734806

Request Chain 356

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaQXaRjUTMSVaXVVb HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaQXaRjUTMSVaXVVb HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3d49aa6e1bc89c27b8806a3b81b6e4e5&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaQXaRjUTMSVaXVVb HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQXaRjUTMSVaXVVb

Request Chain 357

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w4pbqrbn1OWAoV5&gdpr=0&gdpr_consent=

Request Chain 358

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 359

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4aba6379-95c8-4000-8c21-3fbe2c10f61a

Request Chain 360

https://pixel.onaudience.com/?partner=214&mapped=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 361

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjk1QjNBQkItQ0JFQS00MTU5LUEyMDQtOTg3RjdFOTNGODdD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 362

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGy6CXryBHScwOsKQtCHkJ4&google_cver=1

Request Chain 364

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2191524053000893781

Request Chain 366

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=791a4f9b-3d49-4f4e-ace6-8f73c557362e&expires=1&user_group=5&ssp=pubmatic&bsw_param=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 368

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c9V8XoBE2uV2z9Fruu48tBV5PycUvtM-~A&gdpr=0&gdpr_consent=

Request Chain 370

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&gdpr=0&gdpr_consent=

Request Chain 371

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3830597427083284717&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 372

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d4a79a51-91bd-4014-9002-d5facd85cffb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 373

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6908932938425473278

Request Chain 375

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b08c533a-6fc8-45d8-be80-a73d97bdce67&user_group=1&ssp=between&bsw_param=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb

Request Chain 376

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjJq-abBqIBEP3gkJhofRHtqxUAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=fde09098-687d-11ed-ab15-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=fde09098-687d-11ed-ab15-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=dRJ9aJVFa2s88Q6SHiD%2BWw& HTTP 302
https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437 HTTP 302
https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437?redir-setuniq=1

Request Chain 379

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

375 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stud.com.ua/
Redirect Chain

http://stud.com.ua/
https://stud.com.ua/

131 KB
36 KB

234ms
114ms

Document
text/html

5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx / PHP/5.5.38
Resource Hash: 217a3009b7c0a4ee6dec4e9e7a7799142eeee105aff81073af16a2fa63d43945

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=WINDOWS-1251
date: Sun, 20 Nov 2022 02:49:39 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 19 Nov 2022 11:00:03 GMT
pragma: no-cache
server: nginx
x-powered-by: PHP/5.5.38

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 20 Nov 2022 02:49:39 GMT
Location: https://stud.com.ua:443/
Server: nginx

GET
H2 200 normalize.css
stud.com.ua/templates/agrid/css/ 2 KB
964 B 57ms
57ms Stylesheet
text/css 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stud.com.ua/templates/agrid/css/normalize.css
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 9ec0f64e5dbe89db69c74e916f36c0172a2d99ad6f6f2b22ca48e4493f2b3091

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
content-encoding: gzip
last-modified: Sat, 11 Apr 2020 15:13:34 GMT
server: nginx
etag: W/"5e91de9e-701"
content-type: text/css
cache-control: max-age=864000, max-age=864000
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 agrid.css
stud.com.ua/templates/agrid/css/ 11 KB
4 KB 58ms
57ms Stylesheet
text/css 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 110f9df01faaf1c095e17387e051c04eaff94428f9603886ef807e24d9915819

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 17:37:06 GMT
server: nginx
etag: W/"63484cc2-2c87"
content-type: text/css
cache-control: max-age=864000, max-age=864000
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 209ms
83ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dd91b75a8f29450eb47a384fcd94cd88826405557df434dfbf6fd2ab168abcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49145
x-xss-protection: 0
server: cafe
etag: 13512459940629627139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H2 200 logo.png
stud.com.ua/templates/agrid/images/ 15 KB
15 KB 61ms
58ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/templates/agrid/images/logo.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: a77ddd6e1f9a51be62ecf6fe0ac747f0e24420bb72cf4c1bc7421b7faddccf5c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
last-modified: Tue, 14 Apr 2020 16:14:55 GMT
server: nginx
etag: "5e95e17f-3b07"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 15111
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 chart
chart.googleapis.com/ 818 B
1 KB 391ms
258ms Image
image/png 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?cht=qr&chs=150x150&chl=https://stud.com.ua/

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

633fb954e4c608aff445328431b5b0e37bc4ee62c11c110793906913f1923561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 818
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 02:40:55 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=uk
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

180ms
56ms

Script
text/javascript

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 21:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 20 Nov 2022 21:50:42 GMT

Redirect headers

date: Sun, 20 Nov 2022 02:40:07 GMT
x-content-type-options: nosniff
server: sffe
age: 573
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Sun, 20 Nov 2022 03:10:07 GMT

GET
H2 200 share42.js Show response
stud.com.ua/share/ 3 KB
1 KB 57ms
57ms Script
application/javascript 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stud.com.ua/share/share42.js
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 6bc7ca08b6253d3467f7ac4b7038dc93fc1078af79cc2783b28175701ab9d44a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
content-encoding: gzip
last-modified: Thu, 22 Nov 2018 09:55:07 GMT
server: nginx
etag: W/"5bf67cfb-a2e"
content-type: application/javascript
cache-control: max-age=864000, max-age=864000
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 print_adv.png
stud.com.ua/images/ 13 KB
13 KB 61ms
59ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/images/print_adv.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 563e2f1f30883d0d6f38af0a3ab53d70f4ad62ac986381da22770808dec525ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
last-modified: Tue, 22 Sep 2015 10:07:08 GMT
server: nginx
etag: "5601284c-340f"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 13327
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 min_adv2.gif
stud.com.ua/images/ 16 KB
16 KB 64ms
61ms Image
image/gif 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/images/min_adv2.gif
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 379d12bc18d8f62fce29f2e976cc9a2f242cf5587489023a82877d465205bb2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
last-modified: Tue, 22 Sep 2015 10:07:06 GMT
server: nginx
etag: "5601284a-3e47"
content-type: image/gif
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 15943
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 zsu_help.png
stud.com.ua/images/ 202 KB
202 KB 64ms
62ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/images/zsu_help.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: f716e51a722e337c511181483abd9bc0d21b9b80a0ce1878949d691cf84fcbb2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
last-modified: Mon, 28 Mar 2022 13:22:15 GMT
server: nginx
etag: "6241b687-327fe"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 206846
expires: Wed, 30 Nov 2022 02:49:39 GMT

GET
H2 200 studlancer_form.js Show response
studlancer.net/images/chat/ 254 KB
88 KB 209ms
58ms Script
application/javascript 5.45.73.237
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://studlancer.net/images/chat/studlancer_form.js
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.73.237 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.studlancer.net
Software: nginx /
Resource Hash: 869802b0676ae800709c65ef9d689d7c2bc3693247ecae342431a8cb5caf4d23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
last-modified: Fri, 09 Sep 2022 10:32:28 GMT
server: nginx
etag: W/"631b163c-3f691"
content-type: application/javascript
cache-control: max-age=864000, max-age=864000
expires: Wed, 30 Nov 2022 02:49:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 207ms
64ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 hb_307789_6902.js Show response
player.adtcdn.com/prebidlink/452998/ 328 KB
97 KB 333ms
229ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 273de9ace5c4e83c3d0e5d2c04140ad012e8a83c36b5bd1a78e709fe699f64ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 21 Oct 2022 12:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63528f93-51e32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yRialywKXkIHsx3GN9Oy4gP5u1baVQvPuAHr%2BN%2BSTlObyQ0ALRdAGP49kXtH%2BWujrfXn%2FfltYET9CxGOkOcqGcg21NebThcUL9qCFhkqjmKpvf02aKabckrOEca%2FUFVt4zC6R5NCZmr%2B2%2BvE%2F4rqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 76cddfa95af17783-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 20 Nov 2022 03:04:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 181ms
56ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5626
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 20 Nov 2022 03:15:54 GMT

GET
H2 200 hb_307789_6902.js Show response
player.adtelligent.com/prebidlink/463586/ 328 KB
100 KB 241ms
112ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/463586/hb_307789_6902.js
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: f9aa32f54935801cd898f3b9dddf31d089f79ee8c32dd065e9ef2da000b738b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 02:49:40 GMT
date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 12:24:51 GMT
server: nginx
etag: W/"63528f93-51e32"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 12 KB
5 KB 227ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e8df00ca4316220add7106763cd4045d2e7cdb23cc3503223281f9a78f2fefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4918
x-xss-protection: 0
server: sffe
etag: "1397 / 919 of 1000 / last-modified: 1668522029"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H2 200 wrapper_hb_307789_6902.js Show response
player.adtelligent.com/prebidlink/463586/ 2 KB
1 KB 325ms
196ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/463586/wrapper_hb_307789_6902.js
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 9abd094046fa97cc586eb240ff157b0dac4061ae7e0f5149282c285c083e547b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 02:49:40 GMT
date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 16:00:28 GMT
server: nginx
etag: W/"63765a9c-6c4"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 branding_overheader.png
stud.com.ua/templates/agrid/_adv/ 22 KB
22 KB 63ms
62ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/templates/agrid/_adv/branding_overheader.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 2a2e7a9db175f0bb293280acdeca9691ebdd13f07d4e4bbd5eae58296e38432e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/templates/agrid/css/agrid.css?1665682626
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:39 GMT
last-modified: Sun, 12 Apr 2020 22:12:36 GMT
server: nginx
etag: "5e939254-57e7"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 22503
expires: Wed, 30 Nov 2022 02:49:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 61ms
61ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1053111039&t=pageview&_s=1&dl=https%3A%2F%2Fstud.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%9F%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D0%B8%20%D0%B4%D0%BB%D1%8F%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D1%96%D0%B2%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=801309287&gjid=1534138516&cid=1876514594.1668912580&tid=UA-160007486-1&_gid=788317036.1668912580&_r=1&_slc=1&z=1539589142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stud.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/ 79 KB
26 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt.js?gmeid=31070895

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d90eb50e725a6351f6d54f81dc6c2285ea5bd838941f8d642c6aa7a927ac18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26063
x-xss-protection: 0
server: cafe
etag: 590 / 19316 / m202211140101 / config-hash: 6293650363292995516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 354 KB
116 KB 199ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua&bust=31070924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02afd1162542e3ac4fa9e3a3cd7b3c9b552f30a274e34fd5da7b2533192b9c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119220
x-xss-protection: 0
server: cafe
etag: 1999672339182797297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame F8DF 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9237573666471195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 42844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 14:55:36 GMT
etag: 10353107486223812946
expires: Sat, 03 Dec 2022 14:55:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/ 381 KB
119 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt.js?gmeid=31070895

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0911114c06f36fc0ea55a0128370fda466aa9191178fe2e0a68c10b76af0d6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 18:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29932
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121895
x-xss-protection: 0
server: cafe
etag: 2218797150741291170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 19 Nov 2023 18:30:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 210 B
127 B 179ms
63ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt.js?gmeid=31070895

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039916483235401902b27c593c789ecd8bb22e991c73bfc660bdabf5002d825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H2 200 hbw_master_307789_6902.js Show response
player.adtelligent.com/prebidlink/19316/ 157 KB
33 KB 63ms
62ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/463586/wrapper_hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 443836f1788048fb1f5b855fac8935b6abf7437af73f1203466032e9e63ca587

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 22 Nov 2022 02:49:40 GMT
date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 16:00:28 GMT
server: nginx
etag: W/"63765a9c-27354"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/uk/ 1 KB
2 KB 179ms
56ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/uk/branding.png

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 09:44:44 GMT
x-content-type-options: nosniff
age: 61496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1500
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 19 Nov 2023 09:44:44 GMT

GET
H2 200 icons.png
stud.com.ua/share/ 3 KB
4 KB 57ms
57ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/share/icons.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: d690786187fce6782d9d8fd0cbf3bb49dd2859084aea2e4c4507df3637686ac0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
last-modified: Mon, 15 Oct 2018 13:17:56 GMT
server: nginx
etag: "5bc49384-dc8"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 3528
expires: Wed, 30 Nov 2022 02:49:40 GMT

GET
H2 200 back_order.png
stud.com.ua/images/ 3 KB
3 KB 57ms
57ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/images/back_order.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 4676429835a2b8c9f18b8ac4f303fed85374c183999e7b6d3a0817b85bb56f0c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
last-modified: Tue, 22 Sep 2015 10:06:59 GMT
server: nginx
etag: "56012843-bde"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 3038
expires: Wed, 30 Nov 2022 02:49:40 GMT

GET
H2 200 buttons_order.png
stud.com.ua/images/ 8 KB
8 KB 58ms
57ms Image
image/png 5.45.72.163
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stud.com.ua/images/buttons_order.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.72.163 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.ebrary.net
Software: nginx /
Resource Hash: 31a92da3d2476f7a4b87e23ab4a82f0189b58af3491ad67be26dc0920e807b2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
last-modified: Tue, 22 Sep 2015 10:07:01 GMT
server: nginx
etag: "56012845-203d"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 8253
expires: Wed, 30 Nov 2022 02:49:40 GMT

GET
H3 200 ppub_config
securepubads.g.doubleclick.net/pagead/ 0
0 131ms
71ms Fetch
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:40 GMT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 135 B
402 B 350ms
43ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cc64d1756f7ea9bbd51bb9a79776949b84d251159bea5c0a4fc9f5f037925eb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 135

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
428 B 350ms
44ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307789&site_id=6902&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fstud.com.ua%2F&adid=orgkl7.q8&features=81952&vpbv=N097&lifecycle_tte=915
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/307733/ 2 KB
1 KB 171ms
56ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/307733/config.json?cb=https%3A%2F%2Fstud.com.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 1581977aa39ca8d934cfd40ab9ae68a1de0b4bf3db0c30f0d7345d53440bdeb1

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

expires: Tue, 22 Nov 2022 02:49:40 GMT
date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
last-modified: Sat, 19 Nov 2022 12:01:21 GMT
server: nginx
etag: W/"6378c591-803"
content-type: application/json
access-control-allow-origin: https://stud.com.ua
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
699 B 198ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=stud.com.ua&callback=_gfp_s_&client=ca-pub-9237573666471195&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9237573666471195&plah=stud.com.ua&bust=31070924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ccf37dbf96565a4744e0d77bcfafb2eb8d61d67957fed64a319fdd3141fa420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 200ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 185ms
76ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4AB 113 KB
36 KB 786ms
676ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9237573666471195&output=html&adk=1812271804&adf=3025194257&lmt=1668855603&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fstud.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580232&bpp=4&bdt=371&idt=332&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39604e20e528380300c145e0326b87302a09020a017c9dffa359a069cc0d3b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 37158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:41 GMT
expires: Sun, 20 Nov 2022 02:49:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9409 75 KB
23 KB 341ms
239ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1668855603&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580311&bpp=18&bdt=449&idt=275&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=X6nhPleLZa&p=https%3A//stud.com.ua&dtd=280

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ae1579dca85975993d4c278b24490bc08a05c9a04526bebbfbe6f8ceb20e731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 23242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:40 GMT
expires: Sun, 20 Nov 2022 02:49:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 524 B
296 B 93ms
93ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1822966521601445&correlator=29747456453042&eid=31070895%2C31061690&output=ldjh&gdfp_req=1&vrg=202211140101&ptt=17&impl=fifs&iu_parts=21931593928%2Cstud_rich&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=2017733276&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668912580788&lmt=1668855603&dlt=1668912579862&idt=604&adxs=10&adys=3711&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstud.com.ua%2F&frm=20&vis=1&psz=1580x1200&msz=1x-1&fws=4&ohw=1580&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a850379c69109f62304d9ef74d33cee0182b39ed66318bd31d10896e8c07958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 266
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stud.com.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 80F7 6 KB
3 KB 212ms
62ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:40 GMT
expires: Mon, 20 Nov 2023 02:49:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 649 B
656 B 48ms
48ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=534736
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 3a0b2e1ab74e77678860f9eda0f8b8583f323993a130fba6e8b7884ba4cdb58e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 350

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
741 B 215ms
107ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: f53c2be11118712a77ab2b34d919824cb9578e1acc6340f156514fe3543e944a

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 12 KB
13 KB 281ms
134ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5310f0832e01b69951a4b726dbc1b908803f91b78aa226ecbb27eee35d6304d3

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stud.com.ua
date: Sun, 20 Nov 2022 02:49:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-openrtb-version: 2.3
content-type: application/json

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
907 B 194ms
61ms XHR
application/json 188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stud.com.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 243ms
106ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32ec879019a&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: eb1f96dd5a504afb0a607e64213438ff5239a03951ca063b2b2367c36f4b1989

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a330cf42019d&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 39d7aa096f8deeac11bbd830c3c28315c7cbc279827dbfb86bfc865562a822f3

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
117 B 243ms
107ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa3321bb70182&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 5635ac252e70572647d559374be4750b3a02f664851e9b382be9b59585bd0f43

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33273520183&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 628d9f993c1dd1ffed1ccf31480dac5792c340abcfe8b5cce6c2c7f5868f9ba1

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 201ms
65ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332e3ea0191&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a698dc798f7fbfaa85bc9a2548c6897a73448bf9b5e94c81e80296ea8b087569

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 199ms
63ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d9d4840b715ac42b6ab57ced3a3de9c0ee17a4165fc05828827edf64030ddfc4

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
64ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9c73cb1b857cd6ed9f11f81d94e53b74a5f0de4e6ed5461142b3ccd7705a0ef7

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
119ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32ec879019a&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8bd44ab8ece5cf08932d8a88464b7264fd9b5cc2e444cb47b6839d3b3d3dd14c

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
290 B 197ms
62ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a330cf42019d&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9c107f1c3b05f94f064b509d73831d7cf996ca9582ef96a18c41ec1c26f95564

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 253ms
118ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa3321bb70182&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e54f13c51bf2891d6e85abdfd68762d0b01064447d7aefd21b69f6896c1f92bf

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 299ms
164ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33273520183&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 10b5c9ac34f438b6ba1f666215489f0b7df6ccb28b66873892776cf21941e7e5

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 253ms
119ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332e3ea0191&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 6064376dd2d101705bf6030899190244a59a9a7c7d064e82fcd3cd1d4d593990

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 252ms
117ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3ee72021b294e4463d1bb9cf22fb5b062f306ac6150ed8cc2e6f0bd7f836186a

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
121ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e0cdeb84dad946db1074c0bda0786016205320f7b4fc742b51c38b381865797c

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 250ms
116ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f6f7b018d&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: cb2c1858f7b7300c0e2cf05973b7e7e111790bb259717d187ba10eef624838be

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 254ms
120ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dcb60530afb017495b08f620320a6ae51d79d9dbcb593a06e59cfdb0c5cc24df

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 295ms
161ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: db785a42ba5dc5c49955dad604ff85ac4f25882a6d0a909619dc2334dace3ec1

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 256ms
123ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 4d7d76d24cff60fc24847a49621898e7bbab3509a8362fad2df5fd6780beb2e9

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 260ms
127ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 8b8dd3f08d077b9c9c7949fb1c5082946bebf0d58df0369e6ed3639f1348d886

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 258ms
125ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 66678b4c4a54bea1dc81540f2af12125b7f09ffc3a77af9e96005d52f82d5e1c

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 261ms
128ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32db4920198&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e56708b89838e332f7b843688f27a4d28bcd0f4f1268fc71cea58a23fa675160

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 254ms
122ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32d581d018a&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 53b427aeb95fe1f53cf45b32228e74b72ebaf890b022d6e464b4ca319bcb7713

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 293ms
161ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32e1e740199&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7188fe94c7d4ee4772e56dd094c74ebd3486182e2323e91f921b8c9416045f7f

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 261ms
129ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1d4ee293f01ed18df25cd6e34f00c714550e0ec6e0ee96563c8387518baca0de

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 258ms
127ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dc4523d96f0aa486216b3c1b4624d1c7e319c7bf9ef68b52789549acdf355d3f

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 291ms
160ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 21fde74fd368016144c12d1bf0f8486c9d4eaea7af6fb01016ad3e94608132f8

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 294ms
163ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a332a9f30190&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ef0b114bd627ee7f7dc4da421d9c37ed3929f1b9d381b020fac7d442da090de9

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 259ms
128ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32e52fc017f&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9e324d37d012282f23161ac60e569a6fa1e57d3decae440424e8b960ab3baf36

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 254ms
123ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 7c8bb08a2058ff070884520e3e22c0344278a07d00e11373e16b51f83b92c975

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 294ms
164ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 168c790bce25109ea6f5de4218a673a44d789c015d89bf9d7b245e9493680fdb

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 293ms
162ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 959aae6765a11f907ca2545deeb82b06d634ea5605be1ef2d141f6d7217716a6

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 301ms
170ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32e87c3018b&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2299aeeac368fd2d5c6a747460990c59c72c447a14e3c786a1f6e008aca556e9

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
125ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa32f02410180&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 6ec28c9bb729f64da5531489131b2ac2c471f11fdc0a5c3d7e590784fb7f93e2

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 255ms
126ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f6f7b018d&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: cd5ed0f45c06e7fdc61f53a44260d4a1dd8abd8f0efbe961ffee5b7a36c6845c

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 291ms
162ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96919b0183839d590fa33012730181&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 103b853856bfc76df75179097d28b5a951bba1d982b9e7f8e8ac321935b850c2

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 253ms
124ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a96958d0183839d5d90a32f3782018c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dd5263b164623b519d01810c4010be59f5789e0d359add15fd21a8e3bf033541

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 250ms
121ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dad0183839d5362a32d21ee0196&pos=8a969dad0183839d5362a32fd91a019c&cmd=bid&secure=1
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 79e806831d33c6ff3b0ff3f4e03da8a015ca1bbd6c5612e13657ccdeb6fccf54

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
content-length: 62

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
403 B 455ms
336ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
via: 1.1 google
server: nginx
etag: W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
501 B 186ms
68ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://stud.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
690 B 74ms
74ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e2d28cd54b81a9001c16f540fc7509ce03e1d43c61aef963d581a986cf8396ca

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 384

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 3 KB
685 B 194ms
73ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ac5482765476de9f3967da83c41743730b849e7ce79e263ee4e73434285768f9

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 379

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 308 B
553 B 185ms
69ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: c5d758605f202c77326c7d1a11957247217b8389557c0081a6229c617dceb65e

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:40 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://stud.com.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 247

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 97 KB
19 KB 382ms
263ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

92e4101f248eb6f3e4d62b62bfa4f67fa8ca6d179d6f5047a31c545bcf86bd85

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c50ae6a1-5364-462e-81cf-875de3f69caf
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://stud.com.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 161ms
52ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stud.com.ua
date: Sun, 20 Nov 2022 02:49:40 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 191ms
74ms XHR
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=23339329073

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 20 Nov 2022 02:49:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://stud.com.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 190ms
61ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://stud.com.ua
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 25 B
238 B 350ms
141ms XHR
application/json 18.158.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.77.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-77-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1712e208001d7ac252f9d01725ec54a909400e7dc1f06a93c541dd39c73aabc1

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stud.com.ua
date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 50
content-type: application/json

GET 981e2a0ec1c40493e59b139b8db4f728.gif
cs.admanmedia.com/ Frame AD9A 0
0

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame 3610 37 B
140 B 173ms
60ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D738167%26extuid%3D%24UID
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 20 Nov 2022 02:49:40 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56

0
404 B

460ms
190ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:41 GMT
Server: Adtelligent
Etag: 4aa597f02e2c2245
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56
date: Sun, 20 Nov 2022 02:49:41 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 151ms
50ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 20 Nov 2022 02:49:40 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H3 200 92d0eacbdd534f81de4b06016912d49f.js Show response
www.gstatic.com/mysidia/ Frame 9409 9 KB
4 KB 163ms
54ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92d0eacbdd534f81de4b06016912d49f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1668855603&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580311&bpp=18&bdt=449&idt=275&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=X6nhPleLZa&p=https%3A//stud.com.ua&dtd=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 04:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4142
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 04:03:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9409 2 KB
818 B 201ms
69ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 200 0ebba04b8c9cd003a59dc958d7db6169.js Show response
www.gstatic.com/mysidia/ Frame 9409 22 KB
9 KB 166ms
58ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0ebba04b8c9cd003a59dc958d7db6169.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed06e8f62a4e88cfb2c286a6d068c158d4a69fa802074ed12c90ad8e786e03e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 09:38:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9472
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 09:38:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9409 23 KB
10 KB 181ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9409 3 KB
1 KB 164ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:47:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9409 18 KB
7 KB 188ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9409 154 KB
48 KB 182ms
63ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9409 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvC5nxJV5Y7jYLJvC7_UP9dCaoA3jzsOabLeE-cmoEIiU-IezAhABIIK8-HsoAmCVAqAB7am9lyjIAQapAjl9fwCfFqk-qAMByAMCqgTGAU_QBRcYChh6eLaPwpHQF9DS4d6Fs-2ZDkV1ETPWTCmXReaxKgIQUGM08_WHnGAX8TAYiCu0e6PtoV3oPdcSoI5jADeXYC2cYq2XFtkGU9PLqDnJZBwnoK_TwWnKVL8yPRLEZ9Q8Zwi7kM0uopiaUjWog1iLBpgCGme0asJIfcSqRR2FQhJ1PL7cH69rwf6rMsSXVPwGaJz7I3NoCwC-taY1Q0lobGABvLHc2MgXxyHlTqQTcM9U8GhhLNy6PK6-tgzIH1XiR8AE_JOWu48EkgUECAQYAZIFBAgFGASgBjeAB-3hjfcCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQyHLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGAA&sigh=W4aI6QCyTbg&uach_m=[UACH]&cid=CAQSGwDq26N9Yasn4UJlOjdd5XdwgmiR7Qo78_WvUxgBIBM&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1668855603&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580311&bpp=18&bdt=449&idt=275&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=X6nhPleLZa&p=https%3A//stud.com.ua&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9409 0
0 102ms
102ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHsWuxJV5Y7jYLJvC7_UP9dCaoA3I66yOZsCZxu-hDqbJv5HkJRACIIK8-HsoAmCVAqABuv7h-QLIAQapAnNp6beoUrE-qAMByAMCqgTMAU_QUy8cCht6eLaPwpHQF9DS4d6Fs-2ZDkV1ETPWTCmXReaxKgIQUGM08_WHnGAX8TAYiCu0e6PtoV3oRdQS6I7tDclwsMc-PVq6DdEBTdINQ9pFiPcKXllYxYHJAr8ytdLBJ9Q878jHR80uXRecBTWog9f0hpgC5We0asJIfcSqRx2FQhJ1Pr7cHq9rweuunyEhrB7gktWCIXhFBOp8MexiQWpg8eJoPo7c49IsmBvNWCak09twRfO9kUieBh01LbdJ965iXci1wyfFD8AEsIShh8wDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB66BnoYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQyHLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCogUBNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGAA&sigh=5NdNBART7_A&uach_m=[UACH]&cid=CAQSGwDq26N9Yasn4UJlOjdd5XdwgmiR7Qo78_WvUxgBIBM&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5656744916850703&output=html&h=624&slotname=1742221966&adk=154644959&adf=2205867349&pi=t.ma~as.1742221966&w=330&cr_col=1&cr_row=7&lmt=1668855603&rafmt=9&format=330x624&url=https%3A%2F%2Fstud.com.ua%2F&crui=pub_control_text_card&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668912580311&bpp=18&bdt=449&idt=275&shv=r20221110&mjsv=m202211140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=49064145484&frm=20&pv=2&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1260&ady=592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690&oid=2&pvsid=1822966521601445&tmod=1688213269&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=X6nhPleLZa&p=https%3A//stud.com.ua&dtd=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
DATA 200
OK truncated
/ Frame 9409 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 864daa7d4b7337ff28c466d6aefb03010766043e2cbcb6aaaa82182690464ec9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 65ms
64ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 201 KB
37 KB 427ms
426ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1822966521601445&correlator=3251632224803377&eid=31070895%2C31061690&output=ldjh&gdfp_req=1&vrg=202211140101&ptt=17&impl=fifs&iu_parts=21931593928%2Cstud_970x90%2Cstud_970x90_btm%2Cstud_300x600%2Cstud_300x600_sticky%2Cstud_336x280_right%2Cstud_300x600_right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C468x60%2C728x90%7C468x60%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200%2C300x250%7C250x250%7C200x200%2C300x600%7C160x600%7C120x600%7C300x250%7C250x250%7C200x200&ifi=4&adks=2356313963%2C3948463034%2C871671332%2C2528135921%2C3365877365%2C3893891016&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Dafa453107775fb54%3AT%3D1668912580%3AS%3DALNI_MbFNp_BDzJ3JocQHfO6h2-N4TBxhw&gpic=UID%3D00000b842a9c9c62%3AT%3D1668912580%3ART%3D1668912580%3AS%3DALNI_MYpK9geF-OJ5497BpGsHGBUfMc0qw&abxe=1&dt=1668912581296&lmt=1668855603&dlt=1668912579862&idt=604&adxs=10%2C333%2C10%2C10%2C1260%2C1260&adys=10%2C3659%2C204%2C565%2C592%2C1216&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C2%7C0%7C0%7C0%7C3&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fstud.com.ua%2F&frm=20&vis=1&psz=1580x0%7C926x3372%7C300x0%7C300x200%7C330x3468%7C330x3468&msz=1580x0%7C904x0%7C300x0%7C300x200%7C330x0%7C330x0&fws=4%2C4%2C4%2C516%2C4%2C4&ohw=1580%2C1580%2C1580%2C1580%2C1580%2C1580&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=1876514594.1668912580&ga_sid=1668912581&ga_hid=1053111039&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1b67fbe1369c29bbfc916bb111dda07afa9d4ea79d8ac915a9583e7535d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37891
x-xss-protection: 0
google-lineitem-id: 5822238697,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369551698,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stud.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/ 150 KB
51 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211140101/reactive_library_fy2021.js?bust=31070924

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10422dc864b5794f3b1609afe32103070e8faa2e296a161d35f536db34ae5f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52281
x-xss-protection: 0
server: cafe
etag: 1102200021940384147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-9237573666471195&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-9237573666471195&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773613%2C31070924%2C31061690

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 64ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 3BF8 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 22783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 20:29:58 GMT
etag: 10353107486223812946
expires: Sat, 03 Dec 2022 20:29:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3BF8 4 KB
1 KB 182ms
67ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 01:34:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3BF8 2 KB
765 B 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BF8 0
0 102ms
101ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZqWExJV5Y5TrLKKQjuwP_pW1-A_GvfS5bd2c_sa5EJaCzYWIFhABINfF6y1glQKgAbrhttgDyAEJqQJzaem3qFKxPqgDAcgDywSqBMYBT9DQAGdhLM1cLQycBjNS9jUtt3p-bC6I2sxv0Q3tbrHpeYOj_EqUReP3pfTaV-WGnKdPcz8xEvVu6Ctp5Fa75Rc4VI2wWac4uUArRNyb8U4Wt7CYXDU8a6vH7_8zeCriERvwjYNQlLQ6AY75uTZJt0pU_lkkMTMHeSdbva6Wce96EZeP3PzOyGMQ57C7-4A79Xa4c448jO0YYRP_xAu_LeG3aHQvbjy4_RqPkaXLmbnAMZXSp7pW3eg8Ln_gPqzQdltsZxKwwATpg-m9kgSSBQQIBBgBkgUECAUYBKAGLoAHt7KnL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMLQH9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi05MjM3NTczNjY2NDcxMTk1GAA&sigh=ah4VrEhwW-I&uach_m=[UACH]&cid=CAQSGwDq26N90NLUSaQV2Yo_gY3OGMKzZvdV-7PeEhgBIBM&template_id=484

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 3BF8 23 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3BF8 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:47:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 3BF8 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BF8 154 KB
47 KB 185ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 3BF8 34 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 20:57:33 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/12968836760087777392/ Frame 3BF8 53 KB
53 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12968836760087777392/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f901400aa8b8ecd36e3aa1e1526cfa2a12fb4d592a054a1578ddf08d4d0f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:46:24 GMT
x-content-type-options: nosniff
age: 43397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54126
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:35:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Nov 2023 14:46:24 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6861616422411008110/ Frame 3BF8 2 KB
2 KB 83ms
82ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6861616422411008110/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00c2f6f71af570c619a4188e7298bbbb08064450b631b6ce11b14976501b2c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:36:29 GMT
x-content-type-options: nosniff
age: 587592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1645
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:12:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Nov 2023 07:36:29 GMT

GET
DATA 200
OK truncated
/ Frame 3BF8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f4619ce185ccf419ca790b2eb7ad34cddc2069d0cd074799bba61efd38b4de1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9FC 0
0 91ms
90ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5z0a6z9IPm36jkjL2GkIv3nR1aY6mY0KjsuMZOA2STx18wMPcwh0OjiyDhGN79W-xeavRD9iwkcafQpOu2tRGhhDAiiofgg6ce0YGyDT5hdCcdJT8lbhBJpJ7zgYuBNp0kJouVOXOeZcSkGsoNeKX4E31uq7OaI14MsAF_orMGOJBb5A5ntbeTaEigBBuBvr8Uy5UpsKGHxjgT4oAJttDa3rcAA_6a8BAiSlq98bhbhuoHUn97aajfuSZ6WD0WVPwsepCi-rGuu8ZPCbtgz476-mtwrLRtfrE_TkzlZkNVrA1Qy2eYs6i-QLBKLU9&sai=AMfl-YRtJX9rsRScrBlanJIlyy5Dx1DyiY4cEKmwL-eOvAg9axS6BnDQV376Dr6t_3F8radZeeT9F0O0tXzuuDEGL6cTVKns6CkEI-W_RV286KbFWeBfRPEZAXyZjrNNM8fv_w&sig=Cg0ArKJSzPX4QqKam92MEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ Frame B9FC 9 KB
9 KB 189ms
58ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1d64da72e542961f701853f75b452ae3885d2c0f781304dfa3d48e52bce99b37

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9FC 154 KB
47 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H3 200 container.html Show response
a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84FA 6 KB
3 KB 175ms
55ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:40 GMT
expires: Mon, 20 Nov 2023 02:49:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame FFBC 221 KB
61 KB 206ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FFBC 14 KB
5 KB 355ms
207ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FFBC 94 KB
28 KB 360ms
212ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FFBC 5 KB
2 KB 377ms
229ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 03:49:42 GMT
age: 82799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 03:49:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FFBC 40 KB
13 KB 372ms
225ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:20:47 GMT
age: 88134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 02:20:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FFBC 6 KB
672 B 185ms
69ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 02:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 01:26:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 02:49:41 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 3D9E 221 KB
60 KB 293ms
156ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 3D9E 14 KB
5 KB 223ms
222ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 3D9E 94 KB
28 KB 225ms
224ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 3D9E 5 KB
2 KB 235ms
234ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 03:49:42 GMT
age: 82800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 03:49:42 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 3D9E 40 KB
13 KB 236ms
236ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:20:47 GMT
age: 88135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 02:20:47 GMT

GET
DATA 200
OK truncated
/ Frame 3D9E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3518a80277c11ee9e03085b9c8a0f1b28c37834c830aea1b9ff23d176b481a61

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E90 6 KB
3 KB 135ms
60ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:40 GMT
expires: Mon, 20 Nov 2023 02:49:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A87 6 KB
3 KB 127ms
58ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202211140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:40 GMT
expires: Mon, 20 Nov 2023 02:49:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FFBC 3 KB
3 KB 55ms
54ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 27678
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 20 Nov 2022 19:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FFBC 344 B
368 B 57ms
54ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 59239
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 20 Nov 2022 10:22:22 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FFBC 0
0 102ms
99ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKl_axZV5Y9ToFry89u8Pz5yQiAWdwYj5aNz1t5D-D6Po1_PGARABIIK8-HtglQKgAZW0iNwDyAEJqQJzaem3qFKxPuACAKgDAcgDCqoE7gFP0D2jpFQda4PRo4MDSNs7BuNaSu20rlzdGBekrq6ktV9raqOOFvPnvEka566TsdjYWR4icrg-sTLkHjq6LDduWmFCmcos6zrUy9KGhw04656qSUDXXunu0cKn5QvtyiBGxctv3BA4pzmYrXKMAeZ61nPUncV7EjligQD8--dXD5_tptT2N8tBrbWOIPWyy7N1FNKXBRC7rTj9YG2chmTBeSvG23tsHml5_wIDH3wvgChdF-R9RbRhp7uUyh7Us79y2nGeVkKSy8NHeoTQO9WyZvh7mMTnoLJa6hyY464Wqa3lPi27eIgOEDECJPzawATairOVzgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH08v3I6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPeeFNIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHgocCAASFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGOOCdg&sigh=UzTbWIOZ0s0&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM&template_id=484
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 3721913906934501690
tpc.googlesyndication.com/daca_images/simgad/ Frame 3D9E 67 KB
67 KB 61ms
59ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3721913906934501690

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb71137320fab908f6ba14a42fdae2222c28fe0c2c8d4b592b92b0e3eebebd27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 05:21:10 GMT
x-content-type-options: nosniff
age: 250111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68991
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 21:20:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 05:21:10 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3D9E 3 KB
3 KB 59ms
57ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 27678
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 20 Nov 2022 19:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3D9E 344 B
368 B 60ms
57ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 59239
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 20 Nov 2022 10:22:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D9E 0
0 182ms
65ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKNyfn58ylIfDran1v8yTYWppbQNvkeycGzpc4H7SCOjKWpPcJn0hGAxs7YBngH2OjINilrzUqV-LpcVEzHQ-rKczy2A
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3D9E 0
0 102ms
100ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuInBxZV5Y9XoFry89u8Pz5yQiAWI8b6_bfX58PjSEIy0zKehNxABIIK8-HtglQKgAbKKwaoByAECqQI5fX8AnxapPuACAKgDAcgDCKoE8wFP0CXoEa5CNNCH7iMiZKMYWE8FXu7OfhaCkfhO0CzIJ6ugCyV-fDaY_7APnz-hOioc4MmiGl6PjQV8VIKNI8jvm4wFgeqVxV9lwf1dxbe4eqWFUILsD_ONqzy3TuBiBqQpV1sk2qfQRaD0IWd3cDhYNMTv_LzzlshS9-9-ZQMkoYIXyAQCMEsMwGmRbIZ4sx95gQIa3aUc3xe2KR4MmXBwUMoiNCcZL5zRIvcA3Bap722Mnd8IoYQbB9dvgKOnUkgez6HVrNVB1CLqwLRPKC47AwxscYyRAiMUlNhavLTnV19apXcZVMGPkglxzeAmDBf7ZRvABNXJlLiVBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMT5AtIIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTU2NTY3NDQ5MTY4NTA3MDMY44J2&sigh=M1HjMcVNFkg&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/15561930768931155874/ Frame FFBC 34 KB
34 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15561930768931155874/2076313506083323656

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b76681cd76c0b8c3812f3df33b394e5f7134d4684173e468121a20cd81c8cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 10:36:27 GMT
x-content-type-options: nosniff
age: 144794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34378
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 04:07:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Nov 2023 10:36:27 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13504552595101298885/ Frame FFBC 3 KB
3 KB 69ms
68ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13504552595101298885/downsize_200k_v1?w=100&h=100

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d494ece81e552d23a3d019cfd40524b94a55f776544422a6e12f85324bca6586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:22:00 GMT
x-content-type-options: nosniff
age: 246461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3341
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 04:04:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Nov 2023 06:22:00 GMT

GET
DATA 200
OK truncated
/ Frame FFBC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FFBC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c184f394967660c214922231ff1e641646cb82a18210d8f2016beda14ac5aa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5CF6 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 20:57:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F42D 0
0 98ms
98ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIV8NxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5a1M332_wgYTz9-XrvhE7G8dAC68cPMl_u4sqxRZKJBOnPjFqcV2A4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NjU2NzQ0OTE2ODUwNzAzGOOCdg&sigh=2F38AqZENks&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F42D 0
0 191ms
64ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gyv1754ktecy7db53tdfvteycrpppe2stk58epe5tnmx6x6vh01ehaqacfty6554q406krh87e7k7t4cwvpfp8absqcxd0b5zkbhjksggpfdpfxgmm5j824mb8c3p9nxdfz1ehm5c50dmdbr7ws6c1c2yar72hd91mefm23jr3aw9t69s0j797yssjg8c4tahh2p1bkxkj4anwgyxxd9ydr1qs36rgr597qs31cbkceekpcnsrmtfpfk9a607bqt9qbengjbg97ffy04818em7rgj59c0ttmaq96mhvqw88fhp2yp1x99vz0qwqr651rcyqte301swz4g646qc82a299t9mkh5a6zs089904hr6sbk82m5zj922pa2ypk9arc3pxbtdn0&b=Y3mVxQAFtFcH_Z48AAQOT1WmW7rALZp9Q-Tv4g
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame D004 2 KB
3 KB 170ms
68ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65e723713ddf34410c46252335a5ab2c002391916894d37d44744af57ea20e44

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfb618fd7501-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F42D 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:47:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3DEB 1 KB
643 B 62ms
58ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 08:42:09 GMT
etag: 48472445140208031
expires: Sun, 20 Nov 2022 08:42:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame F42D 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F42D 0
0 65ms
61ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsCW-UZFlXT0Yyt04EywDEllq9P_YHNnPaZ1HZ_5LWvf5VG1kn9aVsDGPYb463xvoJY17ik278qZBmshExBy1yr9EzEA
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F42D 24 KB
6 KB 60ms
56ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 15:43:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F42D 154 KB
47 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ Frame B9FC 214 KB
79 KB 204ms
59ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b353cd7f22b22d1880bad88087ce835ed56af66c24d95ef6963977a3dc24b347

Request headers

Referer: https://stud.com.ua/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 14:20:29 GMT
server: nginx
etag: W/"6376432d-35759"
vary: Accept-Encoding
x-cached-since: 2022-11-17T14:24:08+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Sat, 18 Nov 2023 14:24:08 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ Frame B9FC 561 B
601 B 208ms
57ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=f76fdb73-e4ab-4c16-a66d-6b3204ded61b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 12:25:34 GMT
server: nginx
etag: W/"61e5603e-231"
vary: Accept-Encoding
x-cached-since: 2022-11-10T10:27:45+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Sat, 11 Nov 2023 10:27:45 GMT

GET
DATA 200
OK truncated
/ Frame B9FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95d7bb4a057513e40255adf2482ae46f6b16aa210d746c678b391734b02fde95

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E90 0
0 96ms
96ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9GdmxZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTjAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OBwV_X3WPjPx0NGuVdMaMjDMvB5CNumATf42-Um0pCfmoTB3564H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU2NTY3NDQ5MTY4NTA3MDMY44J2&sigh=sNje_2_HHtM&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1E90 0
0 154ms
64ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jw6j8s0szm2b2s4pznrc281q5cpx9a9mvzv5s8bv12d12bwerqtkw98gws2zsk6dsfmp5tycr8n8e4cskrna655ks7g9qt3mnc25axzcqtaken3rva9xcgatg3v4ehbbjtgw7m9znwp4w34a5xydcnqygvpdq9ernh5dctg0rm5sthtpxefajnm95zsmpyg9esv4zk03wv44cr82swehrm9j7zm8sbgbp07px6q8rgxvew67eyvg13nhrknz3br2gq55tmhpg32e7pnsc3sgpq921dxs91ywfxnc86h1fpym0z5rd5k3b1asnwnz76jz6b5jr801y5jftzava4bx4z03qpnty116sfmfg2ncdqnv5nkmyyc3t6t4hdp61jh50pe3t9vnw&b=Y3mVxQAFtFYH_Z48AAQOT3UvGjqUrMrWhAT1sg
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame ED14 2 KB
1 KB 116ms
73ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7978ecba905d11d79a3f3c0a4efedb60779a5710261b13813c6507b3ba09d4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfb618fe7501-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1E90 3 KB
1 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:47:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 05D2 1 KB
643 B 59ms
58ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 08:42:09 GMT
etag: 48472445140208031
expires: Sun, 20 Nov 2022 08:42:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1E90 18 KB
7 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1E90 0
0 64ms
62ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYpnfVGtgEqiu3MmS3xuile-TYyO_VMfV1lE6_V365s188J73ptrunCthUROAZawjBoP04-kh7mhsoepLzhkRJCr89cg
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1E90 24 KB
6 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 15:43:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E90 154 KB
47 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 84FA 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJcPzxZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTiAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3hl84l72KSg2mhnCCrIy8tQLtNVd66ufkOkGZQUpaD5xD-hYiU4VjgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU2NTY3NDQ5MTY4NTA3MDMY44J2&sigh=jsHpqMuMYGA&uach_m=[UACH]&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 84FA 0
0 123ms
65ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gjfe907syzb6st5rdyyfvrwc24s6j011nf3km20xz7br4pba9vvdrez2jzjaa4v5x8341rfesr8fk2xd9spztqtpstcsd9qftx4tmqe3wd7h1py3r67psreqpjw14syhpp2q6jbmvkz0dzchw9bfvmt1372raa7bavq42j1przhtz16e9w9tw9tx14hjx5s3c777pxqqeh3nptfvq9fjdvwqyp3qyefhx07qcpmqcptrg53e31dzvc9bmfza07zaxyyy6kj6vj6a3k3f8qqts4n8eszjj272r16jfjkyzv425y1wea41vg71vqyenhpss93y8gaqhe7020bewmfmhte0nvxgajha5npkk6grd41xd214cnkwh7wwymwgrcztfcfhtt0p8&b=Y3mVxQAFtFMH_Z48AAQOT2vheOs0qvPGUYD_RA
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame B14D 2 KB
1 KB 103ms
70ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

949bfd0b30c650757c02e009a892b6310fa65b904a063ebc7c09cdf2a96ae6c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfb618ff7501-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 84FA 3 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 19:47:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D9A7 1 KB
643 B 62ms
58ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 08:42:09 GMT
etag: 48472445140208031
expires: Sun, 20 Nov 2022 08:42:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 84FA 18 KB
7 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 15:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40437
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Dec 2022 15:35:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84FA 0
0 71ms
67ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSo8Qx7LnVwwBogQcAgGsDUbUMb2ftBf7bHfoIwE6nAD-wdKCAs01hB_6l1MRCkvYlJe39enZv4lUnsLKuZcDnQpTIcow
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 84FA 24 KB
6 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 385573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 15:43:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84FA 154 KB
47 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FFBC 15 KB
16 KB 171ms
53ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 468290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FFBC 15 KB
15 KB 184ms
67ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 108538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:40:44 GMT

GET
DATA 200
OK truncated
/ Frame F42D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e5bd0de860205475d1b59e10be6ba168924476be298cce645c61e767d9f9f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3DEB 35 B
463 B 210ms
65ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM1i-GdTYs-dDgTLbnmzrDk&google_cver=1&google_push=ASkJ3FacrzpxMvNJgtj-uN5kU8HQbJQC9XKrH-zE0vUNpgK8l-1LMe1B0U_3268RcV0MV-TOLJeqCWMr8Nrkx3nOFr-Spl1U4VQ

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DEB
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEDjiXXE3tx-fneOnZEPBvuA&google_cver=1&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF&google_hm=Q0FFU0VEamlYWEUzdHgtZ...

170 B
188 B

171ms
66ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF&google_hm=Q0FFU0VEamlYWEUzdHgtZm5lT25aRVBCdnVB

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FYT2jV9F-tSVjcj7C-2bP6lq0gA9KfxqcPtX39fdo0IHDO2SjrtwzwKgF7gMNrHUPNi0tuxJq1utSvUjT9Ve3mK_hSjIbDF&google_hm=Q0FFU0VEamlYWEUzdHgtZm5lT25aRVBCdnVB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DEB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FacIzoM...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FacIzoM...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAxMjMzMjMxMzQ1MA%3D%3D&google_push=ASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8O...

170 B
188 B

65ms
65ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAxMjMzMjMxMzQ1MA%3D%3D&google_push=ASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8Oh0hsYEfF71XUkbuZOlMRNRxxYWQSbq

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAxMjMzMjMxMzQ1MA%3D%3D&google_push=ASkJ3FacIzoM5uwIXWepGkt7sBroS0gpAXGnTgeyfIlUOeEWqoDu_ZmrpMKVuHRSCA5x8Oh0hsYEfF71XUkbuZOlMRNRxxYWQSbq
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3DEB 43 B
135 B 182ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK3tY2HaHqWMCv1d008n97Y&google_cver=1&google_push=ASkJ3FZ2tA3lasKNUe7gRWHedOker21OC04dM8yap42elSNJQK5jk2JZsTRRfnOdCF8D0ueYG5O1Eu4MmUgp0leOEJ4Zxbhr5bqb
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 3cgiec36q2v5oep8ik4ct4rgqaq9ercj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DEB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FW5FqJLT7Sr-4YVB_mOkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

106ms
70ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FW5FqJLT7Sr-4YVB_mOkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbMD6J7AumreHph7Ddvrp4NEx7Swl483ml6g4IyzoYmReqgAhymhqOyRH4eAWtWCXS7nKzQgkP1wZPVg2Oqi5BszK4_iBnu

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-FW5FqJLT7Sr-4YVB_mOkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FbMD6J7AumreHph7Ddvrp4NEx7Swl483ml6g4IyzoYmReqgAhymhqOyRH4eAWtWCXS7nKzQgkP1wZPVg2Oqi5BszK4_iBnu
date: Sun, 20 Nov 2022 02:49:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DEB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNU4tMjItSkRPSw==&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksNTwToaBvtjDLz7sF7JOh3SHmch

170 B
188 B

174ms
65ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNU4tMjItSkRPSw==&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksNTwToaBvtjDLz7sF7JOh3SHmch

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNU4tMjItSkRPSw==&google_push=ASkJ3FadGNyyy0VvLBGotGvNU-Yl3IxEPSCnS56awTdj4S-maF1Su9G-yd5X_qzLIOyb6AuHksNTwToaBvtjDLz7sF7JOh3SHmch
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3DEB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt...

170 B
188 B

92ms
64ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt9IoFuyfrcUD7FsgZS1IyFMoR_eK4sMT2eYj0GXf-LoAcGXsVTJX2cbEP8C9Zlf-

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TauZjS6dL%2Bl%2Frt7OlUp%2BBnroPW%2BCRssfoLTwNkMsa49nNionxcwv9R5O80LCJurpHZ9F21zOHtW4WURK6fKxeUB7Qkpf6kKUhC5ILOXfPe8AWD6745XtzeWK4G3RV6CjZmbS7gz4m1OT0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FazgUlpNL3xAukMI1nsGP_Csm2Z0taKt9IoFuyfrcUD7FsgZS1IyFMoR_eK4sMT2eYj0GXf-LoAcGXsVTJX2cbEP8C9Zlf-
cache-control: no-cache
cf-ray: 76cddfb8ce8575e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3DEB 0
40 B 219ms
66ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JeTLzI56QZUuvgjcd6jt0pht-GybpAztWxoAxx4vzmABe3rOPIMTfGrX7TTbn9B01yAgfS

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame D004 89 KB
11 KB 147ms
96ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfb76c03dd17-LHR
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D004 36 KB
12 KB 68ms
59ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeGsIEODEgX1QUwz%2FD8jkc%2BCSKb4IBs5GWDoOnre7M5sB7joa3n00zVCj4YrqPMu0d3brcC4JYabrD4x8YeTesritLAP95kIhx3djy3AVJCWemJtjQbATUybcFvwbdJHfbwCqdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76cddfb7299c7501-LHR
expires: Tue, 08 Nov 2022 10:40:11 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame B14D 89 KB
11 KB 189ms
147ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfb76c04dd17-LHR
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame B14D 36 KB
12 KB 54ms
54ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9PC7yO7ywgY64waXdBNwk4ktq%2BoO1SyaPXYs%2BVd%2Bp18Jvr9nB0apwzI5%2Bg5tSUiXiNJLUYW2TELupWr2YgkUxwmpzlORO1bwZdEH36ZoWyf%2FPFzghrkEWV4SgneAL1v7JLwyJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76cddfb7299d7501-LHR
expires: Tue, 08 Nov 2022 10:40:11 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame ED14 89 KB
11 KB 84ms
53ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfb76c02dd17-LHR
expires: 0

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame ED14 36 KB
12 KB 54ms
54ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 403777
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:11 GMT
server: cloudflare
etag: W/"a69f5acd9289c65e67397be142bc2c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWkkKcaQ2GPLD2U30EBLcG9s7nLV53WdijZzj%2FRdYHl5XrUdu03CoiaCNYu8Pu5bNwEPQkYc5U%2BgCmaEubfRvwmKGs7xWDIt1mTxbiOGQgchTOjoPni8yiVBvtaG6iXnY6zyOKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 76cddfb739a77501-LHR
expires: Tue, 08 Nov 2022 10:40:11 GMT

GET
DATA 200
OK truncated
/ Frame 1E90 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4492ac465e53794a865f1192c683108aa437df66aca22ad92279882a923e68ee

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 05D2 35 B
463 B 141ms
71ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM1i-GdTYs-dDgTLbnmzrDk&google_cver=1&google_push=ASkJ3FbiYUF4QK7l-yGRw0zZLMymeI8waTT4q50SaI0nPZgtaFhF8XIsZ05tJjsS9i-i1IcxwVJvEV_rtHX5ejTS4ymtEAfzQ9o

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 05D2 43 B
356 B 196ms
66ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMLGG4YSmlsSdyeMUWtGG7U&google_push=ASkJ3FbGZNIjeukyaKpYMn8pOTx0n5DYgYqtYAHJzPYFYUyQZrOokkKXIjK92yl9xkO0M5YqwGRaZOYbMXHFR-oH5QjgU5oB4Dg&google_cver=1
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 05D2 43 B
351 B 106ms
62ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK3tY2HaHqWMCv1d008n97Y&google_cver=1&google_push=ASkJ3FZjSDMCAlYlR-oB_lzBY3hVYWkunoLpVeJgiweemVmrsXjVQXOlq8ZTvn04NIwSE9p0wmLKGLbwDTq8xhm3CLpAWyR3FQ
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6mf75perkg3sgajon8o2pgi25eg1vfpm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05D2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GZMItyK5RCCVrd1-IQjMLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

103ms
67ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GZMItyK5RCCVrd1-IQjMLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaTGcjgAEJHhnuc9yoA-hEEXhJ9Cp-XCrBEoBUrwb5tt1mojNpbFMbOITlIvxxlWl5lVmKA204id9huwX27VQvS_4SSg1c

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GZMItyK5RCCVrd1-IQjMLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaTGcjgAEJHhnuc9yoA-hEEXhJ9Cp-XCrBEoBUrwb5tt1mojNpbFMbOITlIvxxlWl5lVmKA204id9huwX27VQvS_4SSg1c
date: Sun, 20 Nov 2022 02:49:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05D2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzQtMVUtNk1TOA==&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMKyfdgtmnpurm3OQq2MrHSAio8

170 B
188 B

140ms
69ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzQtMVUtNk1TOA==&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMKyfdgtmnpurm3OQq2MrHSAio8

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzQtMVUtNk1TOA==&google_push=ASkJ3FZxBXsQqN6H7DjpKHZ5SXjKZAiV-V6qlraBlY0WOMohJ05x4SARqZs4N3bDI2CCtyA_RMKyfdgtmnpurm3OQq2MrHSAio8
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 05D2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1b...

170 B
188 B

94ms
66ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1bYZHRnQpxhOd_GROrRqBEShE4ySTOcqF329NOOYG0xIbUruFOXNjVtJbbSQnI0o

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Fhr%2B9YbwaDuYPt85Nmghc3FPo3hH6LCeKUrFO1DkA7E7XFmQOV35CtPhKWhbuPYiR6MKZ%2F5D8Otnp%2B9aDxo%2Fkhq8qcpejzqNIFkkNjVwHm9v6ZnflyKF3tL%2FjRpQC8RZvfYLhurwtP7Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FYGvo0Z9JWb4FCPmOq7eyOMAkO04xD1bYZHRnQpxhOd_GROrRqBEShE4ySTOcqF329NOOYG0xIbUruFOXNjVtJbbSQnI0o
cache-control: no-cache
cf-ray: 76cddfb8ce8675e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 05D2 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 05D2 0
232 B 143ms
65ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxcFVDU44xAfqg2YkDbG2OUOmZtwmiP5YB743f-sVnclOY4pyv0MaNfrxPrWr7k5JKLu_ESg

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 84FA 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4d008c89af76e79e2ee744507b024d51366495d63891c26ab9fc6b8c4ad4efa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame D9A7 35 B
464 B 125ms
61ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM1i-GdTYs-dDgTLbnmzrDk&google_cver=1&google_push=ASkJ3FbbSn3KetFhwhJ3xnIvFfcezwEDVehSw4uIVWHGFXhF2B8RaQBXtcUr4i0LpPCMTiNwDv0WSEH-imaXlqaPSLYxB0CZ-Tu7

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9A7
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbwydQI...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbwydQI...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAzOTUwODU2Njc3Nw%3D%3D&google_push=ASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpi...

170 B
188 B

65ms
65ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAzOTUwODU2Njc3Nw%3D%3D&google_push=ASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpidQ3E-336tSHwqiBipI4Tsm1WEtzQwl

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjAwMjQ5NDIwMDAzOTUwODU2Njc3Nw%3D%3D&google_push=ASkJ3FbwydQI08tLnqGjf_S-FVy5tcPwJ8NCEp6ZyP4HX1N64wzKNlhp3qDUCgjQktCMpidQ3E-336tSHwqiBipI4Tsm1WEtzQwl
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D9A7 43 B
134 B 101ms
64ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK3tY2HaHqWMCv1d008n97Y&google_cver=1&google_push=ASkJ3FYWtZhtFWZ9w6-ko3-iSdsvu7Jkq-8l3VTxQd15BOyCY7RCzQw7Jew59YhyxJ2wrZoicyh42CToOr7w14EpGFXZRHSAguFJ
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5po1tpndshlt967tlhld9juem8aksl9b

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9A7
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

104ms
68ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYFe13VMdMKUD-fojL9oUYzDVh-TZMh4fbHOJLMK9GqoyZZAHsDbC7E7Y1dL3pzh45-c6cqkoQFHRR_vJQY_nZWOZyIM6Lz

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYFe13VMdMKUD-fojL9oUYzDVh-TZMh4fbHOJLMK9GqoyZZAHsDbC7E7Y1dL3pzh45-c6cqkoQFHRR_vJQY_nZWOZyIM6Lz
date: Sun, 20 Nov 2022 02:49:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9A7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpfn_amBzKEZdvttrUFwFY&google_cver=1&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtA...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzUtWi0xUzhK&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtAg9EQa1mF-tUAHOwbXIx1Ojeaw

170 B
188 B

141ms
69ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzUtWi0xUzhK&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtAg9EQa1mF-tUAHOwbXIx1Ojeaw

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFPUkdNNzUtWi0xUzhK&google_push=ASkJ3FaWUenVfwXRMdTm_ZAOrLhQ2Ilsq6vR5DJHbkwSL1vyxcILtndJj2b5qn88E5nALgGDqtAg9EQa1mF-tUAHOwbXIx1Ojeaw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9A7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7...

170 B
188 B

96ms
66ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7NEP1lK8hG8PxbZtAsUq2fWx2KtJaL4q8KBET4JXT8Gs-fteX5aUlI8IX9NKoUZ8

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srQR9xCVd7jWZRmxx1UeNJZA1zkYNrYDLVSqYQYV2JvBePR5%2FpdvR17Ih4Sqp0U8wKapDdG%2FkD%2BfOfjk1k0%2FHKMdOZyURBK63IUDgbjnNYjBi6boG4s%2BuYY7unRCGREDcuEu9HLJVvQq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEA6rOO0n200H8tlLxxYXO-M&google_hm=Y3mVxu0ej_Lv8WuN8yHpSgAAByEAAAAB&google_nid=index&google_push=ASkJ3FaA83jEejUHvspAVPytQHb6TOgg61cO7NEP1lK8hG8PxbZtAsUq2fWx2KtJaL4q8KBET4JXT8Gs-fteX5aUlI8IX9NKoUZ8
cache-control: no-cache
cf-ray: 76cddfb8ce8875e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame D9A7 43 B
297 B 240ms
46ms Image
image/gif 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHTaCi-50UPdRlZ_whdeZNE&google_cver=1&google_push=ASkJ3FZRFVAWXgbQfIT-mPFcdHTRDh_9r--J8kXMBS0fQgXWgLJvb44fjIjhPKANpwAp8zj8jyeHrcWgCk9MNY0SDDVRS7abDk7t
Requested by: Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d786:ef20:82e3:39f7 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D9A7 0
49 B 137ms
65ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxkhTs5pCIEqfSVgk1wlUbhWP0sIaUpXHf4eCXXAfgUfqMkMJ2yUl1boDug1oN74oh9Yqo

Requested by

Host: a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
URL: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
222 B 90ms
90ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19316/hbw_master_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://stud.com.ua
Date: Sun, 20 Nov 2022 02:49:42 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9409 42 B
64 B 209ms
93ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsux8nZFOjCBN7DG3urhW-0KlYsv9P8mqDTs6WbLq0uPhhcxzqmrlzaJ_kQPYYnrbyM5IM-ETBjsQqmuxzMFBnnbcMKaeE8eLL2pqZUcGzRmVG7XWbByKFNlLPi0L2tKZg3mZCBxuw&sai=AMfl-YSuO9q6jJuUFi9UbLs2bVAWL0XmFjDh1QVsGc5-Z40QZbE88P9XuiiwpD_7khhjxZRpoN8_fTIsrmIjcpA&sig=Cg0ArKJSzPFhEb9U56G-EAE&cid=CAQSGwDq26N9Yasn4UJlOjdd5XdwgmiR7Qo78_WvUxgBIBM&id=lidar2&mcvt=1073&p=17,1,316.5,331&mtos=1073,1073,1073,1073,1073&tos=1073,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=154644959&rs=2&la=0&cr=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668912580592&rpt=709&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3D9E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

64ms
63ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sun, 20 Nov 2022 02:49:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B9FC 78 KB
27 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1397 / 271 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ED14 3 KB
4 KB 159ms
55ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29442542
x-guploader-uploadid: ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSFN7obQfrR%2Bqb4Cekk6RWHHEVOauQMVerj%2FDqFx7IO%2BnGwPmzkuHew0iQX%2FFeFFTH2ip0lGvv1h5UePkrL9tAFAONGN8yaN%2FJsV7mMKyjTvPssnY5MQ101csCYYmhC6lKw%2F8oyAGHwjswXtpmdgVA8F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76cddfb97ffc72a2-LHR
expires: Wed, 14 Dec 2022 08:20:40 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame C90F 2 KB
1 KB 58ms
57ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1631319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76cddfb90d25dd17-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwoqJRKWRr5Oly8zJ9bwa8FoL7mYT38s8PGPH7eVOq4HNrUsnwrZQh17SHrbI6%2FvVZ4eeLVsBoN37eA4xNNds5HJGa5DYMgvXe18LqohmTnaveNFCERXz%2BlxHPiCMaIralG0XEc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D004 3 KB
3 KB 128ms
63ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29442542
x-guploader-uploadid: ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwYNIu39vRH1VeEcOnNSQo0C8NpZ0qgUIuV2OQTSKZhSflWx0wlLSTV%2FbDXkNaav7NB3Gb%2FNRgwB45qJDOSeAd58uS%2F7FjNoSivbacFpOCG2StPfAgBvNO2a3zhDJhozPSgDIpTTPB9j3WkVr381MikI"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76cddfb97ffd72a2-LHR
expires: Wed, 14 Dec 2022 08:20:40 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ Frame B9FC 42 B
501 B 57ms
56ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&ipm=&dev=true&rnd=268435462&hash=2015136538-

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:42 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://stud.com.ua
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B14D 3 KB
3 KB 102ms
56ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29442542
x-guploader-uploadid: ADPycdvQu8rzdRrs97enjvGnGemL_nNn_z_RSZB83DHfe2cfB-xpEUBD4BQhQyZG4qi6ZI9TUspp2S0YgzaqlNWuYIyIg2GVkA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TJqFr1jWhmFHXOwLC0MPSLhxmS%2BHXylUlKRBUc7l5o8ZZ%2BBYRlSqyRihOpUy6fE6yRIMomemAfoBbg3yBjQcp%2BB8BVJ60qvu5B638o7wOTtJDYDZWbMx7JzmRzul7gTevUcBZXzK%2BQcC72boGd%2BLVer"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 76cddfb97fff72a2-LHR
expires: Wed, 14 Dec 2022 08:20:40 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 89A7 2 KB
1 KB 56ms
56ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1631319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76cddfb93d4ddd17-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwGWihfa8gOww93BgGRgWyww3czV8SqNPQzJFKTB03%2Ffk9wKGuWBYt8dlK6yPjmVd2UEG68Gng2qfYUw%2BMizzyUZ44PjgmAWZFuaafEoFMX5kLgfQ41zIqGSNkaABUlWqoIRMDA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9FC 381 KB
129 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 23:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Nov 2023 23:25:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B9FC 210 B
127 B 63ms
62ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039916483235401902b27c593c789ecd8bb22e991c73bfc660bdabf5002d825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 7BC0 2 KB
1 KB 52ms
51ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1631319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 76cddfb94d5edd17-LHR
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MxqJ0L1jeVx13C4LkSL%2BbdL6rDeqDSbgzh%2FW7vE66QjWFIedepPl1%2B%2FRkMleV9wudyQMM95tYbEPe1xLNXqb4IyCcrThbg%2BZMoHNdudTRU07crcqgMl6eObPASNt%2FKb%2BKt5emA4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame ED14 1 KB
2 KB 69ms
68ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e49cb8d4ed5be7117e80a0cbf962dd1b692493ce77f3cdb546f72757ca4004d3

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IamZmB8Zw9TEoMsk%2Bdp6E9JTsmVC%2FJ94RmqfJWWfEb%2FPfTiBTucF%2FrpAAbmb1Us%2FKO6DknOk2S91NQkdGgXXzxxnkKtnvQS%2B89JLpaDCUfhdVuu%2Fav5K2KbGEWaA3ArMiV2dYLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76cddfba3b47dd7a-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 113ms
65ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76cddfb9cb02dd7a-LHR
content-length: 24
content-type: text/plain
date: Sun, 20 Nov 2022 02:49:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSGB766V0FVd3nXN3nvGKJfqucjxKWwUkdDUxd3GBkRcLAAfjCX%2F4yWInMgDR1h3svTTh0r8lEBBt4gp8Ah2bonRS1VNmfWF861YV5jZ6e8AlytnLLDTI6QGfSoNGzlrUL%2F8LuU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame B9FC 0
238 B 55ms
54ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4dAa6KakW0wogsqq

Response headers

Access-Control-Allow-Origin: https://stud.com.ua
Date: Sun, 20 Nov 2022 02:49:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame D004 1 KB
2 KB 70ms
70ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b32638f9618f00199de9e38d7e4c93df186ed8836d161d26ac7f248bb3ad38

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaVhbfYtrlT78Ax6vgEEHyV1fap7jYNJVkcx9sFweTWQzIYoviyPln2oUaXjzJytdxcazksQJrnhitA%2Fwl9aQgziZUZut7W1X73GpxzeKWqKPOJO1eaOswYy1z8hRj4Y4%2Bad3ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76cddfba3b4add7a-LHR
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 93ms
67ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76cddfb9cb05dd7a-LHR
content-length: 24
content-type: text/plain
date: Sun, 20 Nov 2022 02:49:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM%2F9eJ4OgD4KZG%2B2YAxE8ENKSwyOR8qBqq9SsvLiinY2j6PdsnZAHNYDjsD8arqZoQMzrf0rYnPwsecyE2xUCwtFpBCxEUcwWxaCgZx2OBW%2B7MdDfSHmgFe4dxN9apCQgfevBuU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-r18q

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 78ms
66ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76cddfb9cb04dd7a-LHR
content-length: 24
content-type: text/plain
date: Sun, 20 Nov 2022 02:49:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQPvc%2B7NEkSZmdDfnECdy50GJI7S7aQ2ysskMTFxRNCBaVeZNg6aUihhRhze%2BK%2BBVheovenyjVjvnbnO9r30zzjg7e4VwpQVGUoz1YWouwwHn9kBZPkkGp%2Fars6xdugV0KwAAmk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

POST
H3 200 rs Show response
ad4m.at/ Frame B14D 1 KB
2 KB 65ms
64ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bed4cf0a63ad9b4c67cbb6357e88c01d34c2065485df7557651fcdd42f931e5

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkeQ36k6Qp%2Br2w8lEmomR3%2BO%2FCc9Dj2lPVX9kFaJmqTltEd0duEAF6rNIbxt6Yfo0%2BMbt9NGb86xNR5nN82Glcr8Zyk2di9j8Y9tpWD9Mejih6rAV0Dw3bda8OoGRW2zesm4edM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 76cddfba3b49dd7a-LHR
x-backend-server: aa-reachservice-group-europe-west1-r18q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9FC 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvbB2F0F1l35KZhV0g9De3xGIkS8YnEPYnc4WrjhnGbIIuv3a8ZY_w19kJhloQfQCyALP4A0sDQGAK3vsz5-u7cqexSpnCzM_tL43iLCZd-tDAxiRUJrZ5fbF3FUNi2K1xZdpnkYblPgtu4Bc_0pYndoNRGHAnpFz2KuF9ktZvITumbrzoZemzb7Hfeeo4g9ZO0JoHHVxXolIJ_jft6oCxafJ_t1BSNxYYzrp-eGMTOWISsz3d8fNZoG-ywG2cSsAqLPBk3CAqqhHMaLiZMzHFsTkLNPVyHAoAuWnUaFfD6nxj0SLK3yMHyvnUOrhTTBdI&sai=AMfl-YRD_YFOIRKmQOPs-_EpcNzQvFF-9IZlpcv20t0QmJT32ujjU2TlU4-1ob1mN6TTvi2ivHthUrclScbj7QntlxM1Y0bOQlXJvkvGTm8nxjigz9as2bEZJNYmN2usNer8mQ&sig=Cg0ArKJSzPl0oNcfWFT-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B9FC 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B9FC 107 B
122 B 64ms
64ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stud.com.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B9FC 53 KB
12 KB 392ms
391ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1604111756810199&correlator=1595261767536188&eid=31070233%2C31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=29636627%3A21931593928%2Cstud.com.ua_970x90_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&adks=576569433&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dafa453107775fb54%3AT%3D1668912580%3AS%3DALNI_MbFNp_BDzJ3JocQHfO6h2-N4TBxhw&gpic=UID%3D00000b842a9c9c62%3AT%3D1668912580%3ART%3D1668912580%3AS%3DALNI_MYpK9geF-OJ5497BpGsHGBUfMc0qw&abxe=1&dt=1668912582746&lmt=1668912582&dlt=1668912581737&idt=968&adxs=315&adys=10&biw=1600&bih=1200&isw=970&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=ylynh0tq7u1l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fstud.com.ua%2F&ref=https%3A%2F%2Fstud.com.ua%2F&top=https%3A%2F%2Fstud.com.ua%2F&frm=23&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1876514594.1668912580&ga_sid=1668912583&ga_hid=360373339&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df70df7f822bc99de633a11d1b719418484b25fbaa487ec0d511fdf68a5db404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12139
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stud.com.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9FC 14 KB
11 KB 76ms
76ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c61efac73f492cfca88ae2c13697f76ce320b6ecc5f016e9d815e6c5f8647122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11034
x-xss-protection: 0

GET
H2 200 container.html Show response
63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E3C 6 KB
3 KB 89ms
61ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: Mon, 20 Nov 2023 02:49:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 13D9 9 KB
4 KB 73ms
71ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aff5e2508fd67e0aa14d8de2213cb56178871275afc38497ecc567239bdf761

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jm2s4k3d4qt7kxhayw6adsx9ta8wb7jbw48mwxffbp8wqec0p0bjbwtcqbnr5ke00b4a107dkx2w2hgvxc34byq99kmmt17yzxawpbzvsvynxtxg62z9pw1p9bepx0ck35gm6cyb8wnkt1snwyvr5pyqf0cx4tv7y03pbp8y7xcmr081806cbz4d1nxwq0dktk11wbstkwd81a4jc604y65tyj706m8nn3hg5wtp40ryknvjeec2qmxaehe8fp5mrwncje8ah5ex5zk0p8mvd3pvan4cq2mt504y78kqahmp8582kz3tj8z3mpk004tf2ng8ctx6hwgyz6ydy8a96se3j527fwzgesh4sk2rsf0tybqxbv7dt9ye6552a5m66ezs874y2s0y6j17xqzxby9dfvk2xnnn5fefy5wex551vdd6kng&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%26client%3Dca-pub-5656744916850703%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfbaae4edd17-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E581 11 KB
5 KB 80ms
80ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7caa57b6c9a4d8404d77b2232fcb1ce1cf66f1e3def2463f215e61cc421d49c7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hdj3td32524rengg48d978xv1nz1mvc787n018phnenpr482x1n30th41n5ehragpe5wvcgdmvtt3xb02v9frazfjwzszhg90fhzwmm12q0v0vz84xezwyxr3fds0e172whwp395771n51rckz5xz77x5v7q4w098cfv036a1tqht4k8z4nswyttazbwbj48cj0vtp1xjz4g4ygpvvqafr642vgdthz39fft70fhfhkswqht14pj7vmr6d5ftjzgm15yvvn4xdshpz8jsh26pfa5h8atg1yhpmdhjt5nf6vqawy37z1ggf9pzv2wkvrpmre647nfzcvymypk9kqggwg25jg308j7ctpgk66fdyf03wwrvs2ffmk42pfqb94072ktp3vb9ncyd6rpwf723d2b8q17ry569vqhm95y3qxxb7zy27at&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%26client%3Dca-pub-5656744916850703%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfbaae50dd17-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4844 13 KB
5 KB 72ms
71ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1091f1e2ccd70b6e1bce1b047212d0a744dd58311b7c21a57c915c2025ad5966

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g7gswr6wacda6gpfeeaffxjbmk1bm3c83tdd6ev6ea2hxqaqkbwwf6mjs83fq7kg7gfq1d8h7k0n8tthhczf0hpqbsegkv6z2r3emy976k87j2ry55exzbm8bnywm8jbkybdqfs68trkwz88pxb8jd160efqwbznzn1qhy29y1f27s2ym4c29tqr6qn0j1tgvxwjzys5btxhr10pr4e3r2cym5zn7b0wwz28myy7mptmjbayvvt95g6ew61v6vwsb0m25bahns5vtawm334dy3qhp1nqm76tazrypxxcpnqn4dezt2qzjexbbx842rbh7xq2gbfza24r2tx6kvhytmpqr80hgbhewztge3jzacjpvkbn8rmmyymq8w2gpkr4vev42nz4z1qm1cxrbcdkg0vkz9x0xyw48bkayf000y7t63d1chjt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%26client%3Dca-pub-5656744916850703%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76cddfbaae51dd17-LHR
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9FC 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Nov 2022 02:49:42 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 192ms
65ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 13D9 89 KB
11 KB 55ms
54ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfbb2e9fdd17-LHR
expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 13D9 53 KB
54 KB 67ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373979
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtXYLpJZOaNEDvNZ4x6BJ8ZKEfOaZzUygS19wN%2B7XlT4ohF8eNNT1mztdKnu%2FmbrK2QTbQqCMRCQn2E%2BUBYZqLf8wlw2CH7QrABMt5BfMsUh%2BbF1YfnC7ERukkhNnXeGPMMa0E2vNsLmgMNu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c227501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame 13D9 11 KB
11 KB 73ms
71ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 294726
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 15:21:37 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSZiIBzi4zkphjCLwCZ534lw2W%2BNbikDcnpzto3jUQICqTA99YrPcfBtYeskInWBxN5Zp%2FJNoB2hp9K9T81mnr3KYbedrlPeGnGbm65xSFaoplCIUKJTJUlvql6QxfdaTKSCBgIKUhlD9nNJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c277501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 13D9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKfYsu3fu_sCFVnsEQgdbK8Oyw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...

49 B
1 KB

231ms
82ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:43 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date: Sun, 20 Nov 2022 02:49:43 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 13D9 9 KB
9 KB 76ms
74ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272921
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESuR2cwW%2BFISTx8U6wrI8o%2BK72WRUxaw5X3HpmAEqEmk6MyTWYrTeEhKOwkVJKrj9ckR%2Fas5O5tbXKiaHgvxjokuTkEr98DAfwJ57X7O7Xf1BAeC2TyUjf5HQItFf5Eeb6WJTLysMpkLozqa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c287501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 13D9 20 KB
20 KB 75ms
74ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 296181
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAhyS59wub%2FHMXCwwTlRT5L%2FyD5EmV4YonoFikqbTqCNsGlXgWRyIMKiAiDp5kr3SfDYjUWqRD7mXKg%2FlJx%2Filyo3pTdJB6w9YeHD%2BM6zhxLlsH%2B6PW4yRmzfcV9T0KO8mgrnfswyXAeDxZO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c297501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 13D9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMfXsu3fu_sCFdR64AodQmkN8g;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112003494378703702137X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

232ms
83ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112003494378703702137X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:43 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022112003494378703702137X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Sun, 20 Nov 2022 02:49:43 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 13D9 16 KB
16 KB 74ms
73ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2269200
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45zzFHdUJLFISND1l%2BDvG7IBRBuVqmrgEfrou%2FoxOm5DxktBLGBnZPTShXbOIMku2SsVBU6auRFMSZ2PJXKzJf6cs%2Bp1gTDHbbkF6YO%2FX8GJhjX3Ah7O3YZiLjsf8HGVRlyi1g%2FcWA2mDQE6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c2a7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 13D9 222 KB
222 KB 75ms
74ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C197100%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=5d7d6fc5258d4152588eae1ee10f7c9d%2F2366318031751671155&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582768&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k46fgj5makt184hbkvh3fyjf73thv51mfwwmesm6hwjw8dzeecr2d37xmyjt8cwg6rmkva40hrx9g3h8y98c7q8ym17zz65m09csyzt09ga0ac6b5rr047wkpcj403d9wvs9re6dz1jdpkgmhwgh2twccy55336d4q85vse2p91fxw9nmak7y1j7jqke9w7nmbqd6sd6hdqwjzafx2966sknnr7vy7qbjb2rymep6z7mcfstd7ze6qv0g04h8f3rkjwxpkfjtt56tg5nyqg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzsU1xZV5Y9PoFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTlAU_QMN5MNQR70gJgYk5dQkp7gUjULVPJ3-CmLz-c_6bKQNIGAx6gFqORWCmnL3zCfTFC986v8uJXToJwStGM1V5Qkv0lHEhY1KRIAszlYRcWK1cRcr-zx4Xz_rk7AH_XLJ4SiKzQagPlbBlMIiMo3HjykvfP9Lyb6bc4QGAw-QlxncSCLZs72Ukv0-xqWCxH3A_v5VKCe7ttAzEYFM0nQQjl3JsTCRLCrAwTrDdHVrWIqeIIg1JcN7L6Pe3h1cwEfbVrBClpG2g9-Wa_soJZX3Owl-HTEKQZwG4X-TzmUFQLoZAPdkvgBAGABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_02GgLx0NQTP470NJmL_LKeKBQ-Kw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 369399
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfYzI8lTcO8zQQDB4UupKQYR3rcc3RZhEpv%2Bg3n02SdeLlANr3xM%2FqkXZdxu9YzZBuR%2FfJa7QYect7tXZLnqnndVbGydbg4ljKUJSXDrWXEIywpx%2B6zThegHA76QEIKmlM%2FTyRPbVn1yfgr0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c2b7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 13D9
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=fc442b00-687d-11ed-bfbc-22342ff4a6f7&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth...
https://www.conrad.de/ztpv.php?awc=11354_412871_1668912583_fc442b00-687d-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

0
638 B

167ms
63ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1668912583_fc442b00-687d-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
via: 1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 373501542
cache-control: no-cache
cf-ray: 76cddfbeda007457-LHR
expires: -1

Redirect headers

Date: Sun, 20 Nov 2022 02:49:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1668912583_fc442b00-687d-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 4844 89 KB
11 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfbb3eacdd17-LHR
expires: 0

GET
H2 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 4844 53 KB
53 KB 104ms
103ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290018
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNlUt9K%2BbMRO8%2BIk%2BEzGVrlrF4I9onrf%2B2raD%2FLgXsmvAcGRE53b0uPnyZbVKK836HWIMQalliJ%2FDcADMUoKPTSUQthrLq1rVseMpZKBWcA1ggFNPRkMHkcVKMDF8LTz7EUppItziG49zG8b"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb3c247501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 4844 193 KB
193 KB 66ms
65ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290018
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxRL8x9w2t86QWjL2TZ2YBvaX2kHsdHU8XSBwt6D3RVst3XBFbuPN7tWYB1L5q6xzZodwa4VoqcIxGQ6afVJJvjnFCn1UlY3myMIXOSvoHdoIZE9WukUzxXkGnmT%2FJENXBHKv7KmPj7dbWej"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb4c3b7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
assets.ad4m.at/logo/ Frame 4844 4 KB
5 KB 66ms
65ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 292527
cf-polished: origFmt=png, origSize=16545
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4432
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:33:57 GMT
server: cloudflare
etag: "a12a2ed1d853ee0e3231c93bd5bd45d2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHjwkHfDAj9TqOXZ8Pr3XUJaIP%2BEPCo1WME8BH51ZNrJkTpxiqJA0MU3wsQVhIwE9nZ5qtDJKeuFrL996K6%2F5bPvRjtllcpvvlnMeL4aUWqA3OEQlObPAerYq5wkFtNRWgW8m57BVx1AqHZG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb4c3c7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 81903CDEE52274B47AAD68A98346E49AD7DBB39D08CAFBC6EA976852CA379D44FA063F4EC463639E0D9F309486BCFA2AEF125D1805770F4F17701A4DAA33AAFC
assets.ad4m.at/product_image/ Frame 4844 57 KB
58 KB 104ms
103ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/81903CDEE52274B47AAD68A98346E49AD7DBB39D08CAFBC6EA976852CA379D44FA063F4EC463639E0D9F309486BCFA2AEF125D1805770F4F17701A4DAA33AAFC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b5ce8d75f6bdb3ca5d82d43ed447d165e366bc67febbdd6bbcebae55ff5f88

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 812459
cf-polished: qual=85, origFmt=jpeg, origSize=460847
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58750
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Nov 2022 14:23:29 GMT
server: cloudflare
etag: "c13e8637d3094579c88759a8f253abad"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3VTDhdgjKdpclZYqdxyJF7YVfMsF5ea%2B5kdI5ENtmY8xR%2F9dFprzV5FFbWes94pkz4%2BgMuX%2BmyFGWfzudVblu%2B8zBDxR8SJBQ%2BeptZ3zQPlQHEEJCARYT7gfFULVIt9w6rk4Nl6Ct9fkix0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c5c7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4844 43 B
703 B 207ms
82ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3247354&v=16798&q=361110&r=412871&pv=1&pref3=oneideZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame 4844 5 KB
5 KB 93ms
92ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 725077
cf-polished: origFmt=png, origSize=17428
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4642
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 09:58:13 GMT
server: cloudflare
etag: "aa8fff6f6c7d296f039d5bcda00d5257"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwuCLTCwYF6o95KFLJ%2FeoMxFUAj1brtW6KtJYLSU0mL%2BzpVLatkDdSkNnFLnXBPrsJi6cU0J6Mrho%2B4WofDqFjl889lH2QwlM%2BA%2FAl7m63NohJoemXWZ0YRE%2Bkq2KSn5w9uIymJ6haazkUjP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c5d7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame 4844 359 KB
360 KB 93ms
92ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1894148
cf-polished: origFmt=png, origSize=565110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 367856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 22 Oct 2021 10:16:19 GMT
server: cloudflare
etag: "d711e4bf72811e8e6e7f50c634dcf690"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKy9uQKDjAIO3N4f1z9lV7ljd9VztAcaLSiAM321inVYveWuPhqNu2PT1VuKp%2FjivsK73GsyhGIP3I2j2D0UMQ2mzj5GOnlHqlMISMfOhiCLwcq3R3zWWKUroQwWXtcgXZXjHAKIU5g1FTjQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c5f7501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame E581 89 KB
11 KB 79ms
78ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 293040
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=91232
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 76cddfbb4eb7dd17-LHR
expires: 0

GET
H2 200 F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
assets.ad4m.at/logo/ Frame E581 3 KB
4 KB 68ms
67ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 798268
cf-polished: origFmt=png, origSize=11554
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3224
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 07:30:35 GMT
server: cloudflare
etag: "1ca6a79380ae53c080c2e12b38bdb5eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nynvVfG1caaBrSLD%2B4K%2FUr%2FfWdoFz4ttwPx%2BG%2F8clXT7H8lDZNltGu1pNENHpcjphsP5T94tehLPUsOr1f8mxXdVluTPZHoN9YDx5BpmZ1mE%2BkwrDnjw%2BVyeqrq44lpb0IyH%2FPwCj0V7mcWS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb4c377501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
assets.ad4m.at/product_image/ Frame E581 296 KB
296 KB 91ms
90ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 814423
cf-polished: origFmt=png, origSize=466926
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302728
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 12:39:43 GMT
server: cloudflare
etag: "45f5fed59fc1f13fbebb41146459eb81"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4pnIyr%2FOk7Sx54f6NPtW8%2FBu0W6%2FyX9pjSZwnI18z9l4Z6rHvXVFTvVRxxPH8Sr1u9HqF%2B2NHNVSrl4829u3od6DE1eGtQO8BvXabNMRxzMAugU4yiEP%2BxOMxc%2F%2Fam4iembAw5UCoRtr1pe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c607501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame E581 8 KB
9 KB 89ms
87ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2263443
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyK3f0IHN%2FzHXfX9ZexxcFQssazi0ZWZHq4TiMjKPBb4zsPufynZo%2FX6O2EIkOFVlNFjW65lju35JXg10VyicTTvc2Ka8owwqwNkSPqkDURGMC3W%2FJ9jwOVGm5A9dQYawRNy18IbfWr3IZPD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c627501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame E581 30 KB
30 KB 89ms
88ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1503739
cf-polished: qual=85, origFmt=jpeg, origSize=81547
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30226
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Apr 2020 08:50:22 GMT
server: cloudflare
etag: "f7c8b1c28756e1f042414e043a02e1fa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpd%2Bn5qeRM7rwWha2SQ3Knyik2NlaE4GBeU2yS1IyCE81hGRY3PNu%2BBF%2BzZ2FFJZKzLPANYUzB2YPhGgWZcA4KLgzd2Uk43B7GNREtW6277V3GlO%2BKkvMKM6IaBdwy0KnLhCeafNiRwBkxCq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c637501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E581
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIKYs-3fu_sCFRjBEQgdtiIIHQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668912583_fc712e70-687d-11ed-adce-2234a4c513ba

0
517 B

191ms
60ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668912583_fc712e70-687d-11ed-adce-2234a4c513ba
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:43 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sun, 20 Nov 2022 02:49:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1668912583_fc712e70-687d-11ed-adce-2234a4c513ba
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E581 2 KB
3 KB 89ms
88ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272877
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZfEXzuj62QFQ0%2BAiLOx2idhVASMCJcd4Wt5e7KpV5olcHvPOlA%2FbQmcca2fPkhFoz49aG%2ByXuemBaQsewug7Q0lSFTuzsjNZAmat6%2F%2FAzC%2F9A4uTvlv8FCypPa687vzMluT5QSWeOaPfUvd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c647501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E581 339 KB
340 KB 100ms
99ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2272321
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLiVXTJp8kcKAnoSaQVWVbxBD1nbwQiWZPisc3dWcGcHs8iUwXZw905o026dACTxoAFuG7mdJuA2oaVt6GaoRofBGiC30yzCPcgcvDTmhJsXJgMFacJ83%2FBQYhnfEMHu%2FoDq65%2BCh9Og05qc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 76cddfbb7c657501-LHR
expires: Mon, 21 Nov 2022 02:49:42 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E581 43 B
703 B 204ms
82ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSWoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:43 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BF8 42 B
64 B 93ms
92ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNxEihHzwvFz9_o01uDx9Km2KMsUr6FIE3RsWXHMi3imCf1t1ekqPJbi1CxSHlhcwjUpo6oAfAANgvWqu6v0eiFthpHzXhQM_ejLYH8xD3cZAncZytgxAwrfz7KCzJI4ztVP1TAA&sai=AMfl-YSpesOXF4WC6QofD8nUtym7_y33L8-WtjXrWF1smw8Ro5rDgneGGnJHKL-LU4qTtz9E--7EwFZ0s1pR2u0&sig=Cg0ArKJSzKlb8b-Q7ZaMEAE&cid=CAQSGwDq26N90NLUSaQV2Yo_gY3OGMKzZvdV-7PeEhgBIBM&id=lidar2&mcvt=1011&p=0,0,124,1005&mtos=99,690,1011,1017,1017&tos=99,591,321,6,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668912581504&rpt=383&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CC9 13 KB
5 KB 57ms
55ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 18071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 21:48:31 GMT
expires: Sun, 19 Nov 2023 21:48:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1AEF 783 B
534 B 66ms
65ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6614e69c82a3311f949cde0b9cbb4379b8a24aee15b07a8f419ec280e1a5f1b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W0Ur7vdb5izS2HSii2vjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-W0Ur7vdb5izS2HSii2vjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:42 GMT
expires: Sun, 20 Nov 2022 02:49:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4844 2 KB
2 KB 218ms
96ms Script
text/html 18.133.151.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h3ta0d3d1ykt8d097p5hrq802sp9p55947bvzj7mzsnnc8spp6wr2p8er1nwe31ahccck9gbe4p74g50nntaz8a3ar3ae4b6nj30x60vb66rws8039amfadev3hsymstdb9bs0wbfnnfnf9j3djc993h80nt164kjymjvfzfa8yp29yz5b7404pra06ta9rdfw546dbnr04g7pf1a8vvv7g3z8vyg07vy0dmaq49p4egysd0vwdqcb8y43r0281he0jzb8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%252526client%25253Dca-pub-5656744916850703%252526adurl%25253D&clickref=oneidd9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: b56ed1be0654ee7ee91da6713da40479c282019b84c1cf2a0277ce2453c45037

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
last-modified: Sun, 20 Nov 2022 02:49:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 20 Nov 2022 02:50:43 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame E581 2 KB
2 KB 194ms
92ms Script
text/html 18.133.151.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdx7zvzmsnbf6x15hesytb1sxsy8p8rh26s1a0tpjjncfzcw9j7exvjnd08zqyqs3bnfewjsyqxskx92zj12pysvhmz201yr2xvqgc01k8mnxb92j79ftsayqe782t3739nh81kt5h0e6sg4n0etja2hymc4qbe9jsztaxgfgfc1aqxz740nvbcj38gq2fb6kra2csv82142ecxv3vaebbfv440mrrz0sx2k90e0ea1csssymjd4g5ssscftfvt5aw0kac9%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%252526client%25253Dca-pub-5656744916850703%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2054965ddcde1b8d52f79108993e5d8bf55cd07ae96061e28e082bc171d06e71

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
last-modified: Sun, 20 Nov 2022 02:49:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 20 Nov 2022 02:50:43 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4844 2 KB
2 KB 203ms
102ms Script
text/html 18.133.151.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766811&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdb9vvkn5t85sp984fdw3dv2t34w6k49fj4pw5a9rq89jm4x2erp24fbj6m11z8b8whtk9kpbj23qz1gcy9hcvmjab4pd0dnapd9rbj6n27pg8524vxvmfw3zhmnd2vypth687mddp3yhbfqsgrx9q2dr300xv1s99wfbj2fajtzxcrxz7t44bccfe9rkraeepzvrp51347z5esvr8x7ffe00gyv7hp9jwxtgewb2c70h2xrvfjc8qcrh8gqz9fr3jhp%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%252526client%25253Dca-pub-5656744916850703%252526adurl%25253D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7fcee64c145a0be734ca1776b27e36dffecbdcf9ae2bdf39b38217951d473e39

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
last-modified: Sun, 20 Nov 2022 02:49:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 20 Nov 2022 02:50:43 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 0B7C 44 B
939 B 240ms
101ms Document
image/gif 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:49:43 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CC9 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Nov 2023 20:57:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1AEF 0
0 91ms
91ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1604111756810199&rc=
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 190ms
64ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 21 Nov 2022 02:49:43 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ Frame B9FC 0
238 B 55ms
54ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynG2fRnTMjPleahEk

Response headers

Access-Control-Allow-Origin: https://stud.com.ua
Date: Sun, 20 Nov 2022 02:49:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 0D77 221 KB
60 KB 172ms
57ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0D77 14 KB
5 KB 168ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0D77 94 KB
28 KB 267ms
153ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 463250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0D77 5 KB
2 KB 251ms
138ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 03:49:42 GMT
age: 82801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 03:49:42 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0D77 40 KB
13 KB 251ms
138ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:20:47 GMT
age: 88136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 19 Nov 2023 02:20:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0D77 4 KB
621 B 71ms
69ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Nov 2022 02:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Nov 2022 01:44:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Nov 2022 02:49:43 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D77 3 KB
3 KB 60ms
58ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 19:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 27680
etag: 14587847488922671356
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 20 Nov 2022 19:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0D77 344 B
374 B 60ms
59ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 59241
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 20 Nov 2022 10:22:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D77 0
0 65ms
63ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPoDMKo5JBeX-WoMHftsBC6prTZm8SxHBQiedATiWKJG-U-76T5_yt92fTBY37I-hrzCGHwwYOLYP982mfZNyQDcfK2Q
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0D77 0
0 100ms
98ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvw3LxpV5Y4f6MpPB9u8PivGykAnfo4b3abPA34LjD_up9MrCARABIOPgvCNglQKgAcO95MMCyAEJqQJzaem3qFKxPuACAKgDAcgDCqoE8wFP0DPdpNM1o1uTwXkxfki-LRUjgxb3cW4aT4T8iTHmX64eAyfZUfgFibfwgzzd88FKqQOWVbuQGSNQ5MipDqJrmH-wzDhCiJfLppmurIP02hKBxOoSbME96noiJ7o5Dich1_wO6JsrGzWTpZ5wlNuhPtHyhi6leYLx-bHzodmHqn_MChoJw0zSfwUmS6zALCSvYDeMk4lWjUdX495_XrodD_R81Il5aryH6Ngjv6h5eG0TOwnEtlWUR-7iSIXIzfNexqVxraFG2VZcoIAs6ElVrCh_vv4-7XnW4Vfp3-CDn32KNuDnrjpGHRWA_YkTRjgQONvABKSq5bDJAuAEAZIFBAgEGAGSBQQIBRgEoAYugAelwpu8AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEILyD9IIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi02NjU4NzI2MDM5ODM3NDY2gAoDyAsBuBPkA9gTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zMzc5OTY5MTE2OTUwMTk5GIu6Eg&sigh=wXIl7TBvxyU&uach_m=[UACH]&cid=CAQSPADq26N95K8jsMzZKAmlcO-nVWgX01o0RsacGJS3R_FriJy72OI5ZOnPUJCHrJqu5kFOgU_vxqv_O0VarxgBIBM&template_id=484
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/10189905464917991758/ Frame 0D77 19 KB
19 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10189905464917991758/6592766407814317453

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e9c3d168b94b24597bd4e4248d785dc6a94e93f224d65a779302cd7271b446f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 20:07:53 GMT
x-content-type-options: nosniff
age: 369710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19663
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:43:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Nov 2023 20:07:53 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4048859477132366911/ Frame 0D77 3 KB
3 KB 57ms
56ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4048859477132366911/downsize_200k_v1?w=100&h=100

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a8ba3cf733ea321ecb027323978526c422f1db16d05c2459ab9aaafb8c14ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:04:27 GMT
x-content-type-options: nosniff
age: 492316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2616
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 09:42:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Nov 2023 10:04:27 GMT

GET
DATA 200
OK truncated
/ Frame 0D77 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b4b6ad9424d90c084f7f56060396b17d7452517a86c32a4a49c6cfaa86f70e9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CC9 0
12 B 55ms
54ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7CTg0w
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4844 85 KB
31 KB 209ms
66ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h3ta0d3d1ykt8d097p5hrq802sp9p55947bvzj7mzsnnc8spp6wr2p8er1nwe31ahccck9gbe4p74g50nntaz8a3ar3ae4b6nj30x60vb66rws8039amfadev3hsymstdb9bs0wbfnnfnf9j3djc993h80nt164kjymjvfzfa8yp29yz5b7404pra06ta9rdfw546dbnr04g7pf1a8vvv7g3z8vyg07vy0dmaq49p4egysd0vwdqcb8y43r0281he0jzb8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%252526client%25253Dca-pub-5656744916850703%252526adurl%25253D&clickref=oneidd9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUjoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 18:52:38 GMT
content-encoding: gzip
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28626
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gsjV-JrCz2xJUCDMX8Ea7GTK2QkEQk4z-1__q1bb7dD6TLnuIPEPww==

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 4844 2 KB
3 KB 181ms
55ms Image
image/jpeg 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1668912883&Signature=p5H5U8bJD9pu6blkdrTvNBhKHVTMfdwQW4O59RT06nQHBnq7wjGtCjYzZCc~yai5Ud4sDrsRpQ4TyKTFDZLtXHe4~zA6pkTtLEQ0fzNpgzQ8mw6SlFwb45ZnYcZ7g~f8aLwFTTWX47OTiUo053zQqIe134LluMMbQ6kKuOzEPe678LWJR0XqMlevSZObBH-cfdpNP9abGHCJ7aP4wl9Q~3PFXYfKnAzy5fd~f0MfRDH9lg02Vn4deglx2XxCYatE2QcSmI3abJtDhJioftz-AiwVxtn13T5QAlw2AKL7Dm7j8jBePb9a4vwuY6pOU1IXI7EyuTB9g-H1cyqCJwVPYw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 19 Nov 2022 18:07:49 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 31315
etag: "66da632e2658ba90a2b4863be372b9cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: 85wMJDnfamc7t10Z2_2ZTf_lactodqxZvWhbwCH4t13tGuu9CGNubQ==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E581 85 KB
31 KB 259ms
117ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hdx7zvzmsnbf6x15hesytb1sxsy8p8rh26s1a0tpjjncfzcw9j7exvjnd08zqyqs3bnfewjsyqxskx92zj12pysvhmz201yr2xvqgc01k8mnxb92j79ftsayqe782t3739nh81kt5h0e6sg4n0etja2hymc4qbe9jsztaxgfgfc1aqxz740nvbcj38gq2fb6kra2csv82142ecxv3vaebbfv440mrrz0sx2k90e0ea1csssymjd4g5ssscftfvt5aw0kac9%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%252526client%25253Dca-pub-5656744916850703%252526adurl%25253D&clickref=oneidgzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ceoneid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidwbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5oneid__suite_Netmix_Reach43_TopRotaMonth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 18:52:38 GMT
content-encoding: gzip
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
last-modified: Mon, 31 Oct 2022 15:47:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 28626
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JXnzkW4d6mfNzhTS2sTYTPqNTu3MbTSS_DAZINMiD3IGxMzOiKCebw==

GET
H2 200 1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif
cdn.track.production.webgains.team/295140/ Frame E581 19 KB
19 KB 193ms
68ms Image
image/gif 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1668912883&Signature=F~KXqbtQbXUJNx0kLcg7T2RT-XePIlH~IGzeNK6vQg4I4Lni4MTDvRsLKF0KisBEE26UZF2lzk~AwoNo~taZAKTINswmANcw7yC66UQdq1~9CpcqzX85dEee-RM~SHuXkPpZuOxUU-RFPeZoYjziRccSzlDPJwej23FVgAE12FdRi5L8h3zvbISAqPKfpL8~jxEZQOaFBjhDKJdywgCsGTYlm8LOc75ia3OBaDEvAI7-kVj5tVgePIJONXes5xCGaTE~K8lMbD45YdTmOitdGJ0D~tyV8wUeO79gevP4SByDnffZ7l6g5zD4BOojj5l3-MQrjj5Bo5d-ucE7eFh6cQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321034%2C22451%2C117569&b=wbKFdf1jUxkV1TEHRH2tXtp2gZfKTAT69a5%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2Cz4pFRfEYak3KMFpHBHMtqt9dGtJTwTrkSW&f=gzdf8fdrUWBQeTPHbH8txCj718HdTQTM6Ce%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2C8QjCDfM8FeE9zhgHJHEtqC4gZCPTwT1MUk&c=300&d=250&e=&g=c56db4298109cedb481d5e3bc0459c87%2F14067477401601687808&i=111584%2C25174%2C29981&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582771&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ka5eascsdpeda1bz0v6pv8y5vma3583kacng097nfjbzg10heq1fbdj0s1afchm08sy27dkgb2z21ave6z2pgnz2g50xmawbxxxs0q6wxvp6g9h9wwk2vxaaej735qm97b72adr8935d1rj9ffztvvc44jj1861rn47fjzzyccm3nzc7ekse4v5aq0wq6ks38fsb6ccsc43mnwvy4kjjx1camyy2p44nnb6jsqr384m5ab20ahzje2dcfe9z4brtbaz8dj0m2jm07rfq36g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC6cR6xZV5Y9boFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTmAU_QLlFjLt_e4prmFPY670_2GRiO70xFJa0D_zRJgWwLkXeA6VXXFwrlvXgA1upWM7Mo3KJHwaUNQrIwRemFde4n6jy_46IeXyRFJk2x_5S4-8m8_lvzrKnNFK60j1PhVeFm-JZDNCmpBTObVzWSRGcRtHW6Mdx-U-h2-shNVUGenIJDuUFwMlmZlnto-R9ZYmh9p0wxxoCmEaltR3OtvWhCr9pYgeS9Z8_Xe3mXxEyY5oD6Qqouu6Xqls25OF4X3O8Bx7SxGFbmwwlToML1qBTvPMeYkH70sNtMMDnKueWreO7PmiIT4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2sjpVT0Npgt8eSmMT--TJp4i320g%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 19 Nov 2022 19:59:30 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:49:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 24614
etag: "c8717f93a87217b1c114134b189e2ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 19052
x-amz-cf-id: ko22XNQrNLaLEMwakxc-mg_4LvXev1kJbvTWaegB4cSVPCintBx8Zg==

GET
H2 200 1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png
cdn.track.production.webgains.team/287405/ Frame 4844 5 KB
5 KB 230ms
106ms Image
image/png 13.32.121.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630076509_zWMlDYPQVnctkTlVGt486BXSMOUU2jSg.png?Expires=1668912883&Signature=lsn1KV-02Do12jUr5UjV-OWpkjNqWPEoq8P0XYJbPZ83ZvgvHT1KWu7nE2LrLZyOoCbK5GUyblW9bUVF40JYwgnwaSj6IDbK3YEk2BvnhgnxcoPxNS-qIPe4TDlSk3yZ16pJI5ZBkppwKLzhDgP7uTyYow0tEBqAtqZopbukov6kek6WYYJUZrDIWpFGx0bt-hE5vQ2LS3bdrLeBLh4E0xxE5EBhVVVp9dHTUTg~xkrZ2gDptm8aj0Wlq~RUNe~fCiWBBQEnPxBPgGrz4-4sQe5D7SSe7DgLYRzoghQ7RAKqC2HEyrhNTeesvcshaj-sHX0H1Vek~4TEuo5VyMxGAw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=321735%2C319925%2C169080&b=D8qh3fWwh2Rdqa3HmH9t1tegVphWTmTgbtV%2CeZqa3fgVHZPYrSjHZHet1tXZr2FjTQTYdU1%2CD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV&f=d9DSEfPkH5r7BCEHjHwtqC8MDzc3T4T1rUj%2CD8qh3fWwh24eGT3HmH9twCkQjqHWTmTgbtV%2Cd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj&c=160&d=600&e=&g=56974894a167a25b01b904da8bb1bfae%2F7331761722778322746&i=110819%2C83339%2C65760&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1668912582773&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8bemtw96879y3egrnqn9yf45b76tnvd9a3d61cxsd83kpdwa77mqj7052zqqhbsqw420yd02exykfcfx35b0z7f1xj20gbp1khhx82m83npn832gysvw363km82frzc2bw1f192tq3pd4mnd28mmaw0y062ahkcwz2b2avkxr77svy5j2vsmzpb8m0zck2keyt26pz9fa3rkvxvxns9d80ha7mjg6s1v1p7zhpajbewywww77cj0gchcqwqbxye9pb6wbb3gg2h64wqreg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvMTKxZV5Y9foFry89u8Pz5yQiAWQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU2NTY3NDQ5MTY4NTA3MDPIAQmpAnNp6beoUrE-4AIAqAMBqgTpAU_QQSx1H2E-46_PAV59yulef0KXu7LXk4tEqOoME7-hmLWpdrp9mokAW3JAIgsOkOorRg8l5OgecK6zLEWFtey2kodCgn0XY0sewtgwX2ACozrtTwaxHQgR1I1YD-chDT8EuUu2b_GZAmyb4Te91AGdxddyf6w-bmGHwpIhc8754WQNwHnoiOWf5X49TjeCUVJPpHNrcARShu8XC_0qYC4-058meH6oVwVpEpQZItSbcDK6v44gaFJLBzuYLBP5axE1_v0neAOzP2KjKMtyiTV5H6WxNudnZgvojISysA2LJuS27h1I_HdX4AQBgAbw9vmY7Yfspr4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0erymrzYKiaFXzbQaZQKYnveAuVw%2526client%253Dca-pub-5656744916850703%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 19 Nov 2022 18:13:52 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 30952
etag: "252bcf3942798a64e6a899b7c6e034d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 5216
x-amz-cf-id: JyzmdhBc03KTd4atbFdzExyaXR7kfiFOFRwNf4un3u-_IzIJyqS9Gg==

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D77 15 KB
16 KB 169ms
53ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 468291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0D77 15 KB
15 KB 170ms
57ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://stud.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 198448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 19:42:15 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1E90 42 B
64 B 92ms
92ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8-xeydCxW8Viwau9eD7uzyBvhevb-TzR6LtAJwkhpmMrYcdx4DqwbG1p9aCTUViV8imZJtl53SdCgztNT0sm5xFaz&sig=Cg0ArKJSzIXZK30pMK3WEAE&cid=CAASF-RoiK9VBF2auNdU8Mkbi3PdvsGb-ey0&id=lidar2&mcvt=1000&p=592,1260,842,1560&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3365877365&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668912581802&rpt=477&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 support_protected.png
studlancer.net/images/chat/ 11 KB
12 KB 58ms
58ms Image
image/png 5.45.73.237
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studlancer.net/images/chat/support_protected.png
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.45.73.237 Dronten, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: mx.studlancer.net
Software: nginx /
Resource Hash: c02693930661ec36a19ffd13fa984ddd5aeed9caa1cb3082efbf066b704fb389

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
last-modified: Thu, 16 Apr 2020 11:51:05 GMT
server: nginx
etag: "5e9846a9-2db8"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 11704
expires: Wed, 30 Nov 2022 02:49:43 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FFBC 42 B
64 B 100ms
100ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth643mw933OocZdSEXyYX6x4Ul4NbRTDPra-eVVQFrzuQM4y63clYxMSeE4LSAYMMbRJf9I4wyjQQK6JZpKmMVmixpE9ukCY0hoMx9UmFAWE0z3C1Rb42mtDIgZ6s9gkuvlog3gg&sai=AMfl-YTHbilAh62aKjRbbKY9ixsfKnV6WKE32rElYoqSxNiwIYSMXKAreSyAFuYWJW-hWHgm8RtDcii6FXyj0Gyh0cnxQuz6et8abY6lm4qEJ3jbLdrbfOFeFAqRmV78m4M&sig=Cg0ArKJSzLpmDs7PbWP6EAE&cid=CAQSPADq26N9pegLCE9LZ53PInXCKfwNxbjB2WuemT8ByHVZDHmNV_bGuylNYIxfep4Fl-WRI8Q9ESQOqdSswxgBIBM&id=ampim&o=10,204&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=787&tls=1787&g=100&h=100&tt=1787&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9FC 42 B
64 B 92ms
91ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzP9DItHetZnGKNt97cYwyL4nGrRE5WvfpaAXxwU0DYY8pvH0QGFCydEA-Pj2OqLrQkrVoCgXahSKtHtYj5z-XHqyvFNAwq_c2Iz_UTSVFvYexLwYO&sig=Cg0ArKJSzLAixSc9G2oREAE&id=lidar2&mcvt=1000&p=10,315,100,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2356313963&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668912581737&rpt=988&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9FC 0
0 94ms
93ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1604111756810199&bg=!l5SllNDNAAbvMpMzzzI7ACkAdvg8WoeN92w-T-_IDG31-s5j9Q3bi1q3odv32P5Ol0mi9Z8PNpNotgIAAACpUgAAAANoAQeZArpeX-5dVeKm3CsUG1XEsxYmtEVamyVU3s4GeZHBW3V4b20irT4e1mEo4M0crr07DinGeTJmYaLoqrYP7iLa5xyoykzAC4vXX6i9AF6Xsc0j-w1eFuJRleKkgmx1gI5IXy8A5K_Ob37-qCKtSSDPoFcDdEXrAqUyXtqVWoHIjTzLSrAwv_HQREPyj6Upye0DqxGaIN5nGkEhdCtu3lGOEGGtYqNZ16h98VGQWvcSsRC6lyEy37acO8bwfc0EqsdrXahWRHgmgJ5PEL0G8Zi88VDuP4jrvlNVCaRPAO_Z8LAyJyO7Ghbyx0CoH8NhqDuTcdxT1GTOZP5q3aLyMBCN0f6s4BX6_1Yk4HAk0LO8EzwUBkqBK6nCBRcSXxEfemRcw3uIUG69K5Xkr3VkoVqyDDBSNlEE3-f50H9XdJXX8LACK-Q6BpuuYIqdy_p_jo5GoP6lZI_axKz9WH0Drvwk3IOFqsr2cJCK7gpCtjDp0FvGn8wZ9a2iAlT6sZOKhcf4CbcEhxAxYqUMlVx4-7hkyO_Hx4i0-N6Jz55jPR-4w-z6KIznnRSxfyDdyRklDkS_VNEakqZn28yNJfmyVHToeKxBYbZZDGBM-Y5ZAgIkjvcjIbciGRCfiiynA1Ko1U64x9dZH8P3fKWiFhDiWwGQBhQ4xSiN_MqXAQqsm1TFCxkzXevWYeUG3bDskGhTSi9O9t6T_wHzwogNqOW-hHgAQz7QicQiJ2Kc1B2BhL__XAXFo8yuRwr5KD14K0cQFih16SNxgz3ajTpwwlnpje10m_Z0UPZVroq1xdOgp_kIawaZ3mPgWL8-u5Q2iudWHtiXTpZ8F5TRrh5Hhlqr6eV9fFLV-73yglccEz3b0Ejo6ODU_letNGGUiZHppuAPKfjw1EUrK7AcbP2-uDHituhtftBuWOB42e-V7vz-RA
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 174ms
55ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://stud.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://stud.com.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 261060
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fstud.com.ua%2F&domain=stud.com.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=badk4Xw3SGtZcmhPYWZEZHkvU3FiTUc5YzgxbjF6M2hrcDRsbE84RXpzVGRER3haaGdjTEo3VjdpWGxrcGRXSWFhVk13WlhDMC8wZHAvcDBFMEh5QVlSdjJONENSMTY5OS9LMndScXVFZG1BbU5Ncjhubyt1VDhRMEpvcV...

376 B
653 B

188ms
64ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=badk4Xw3SGtZcmhPYWZEZHkvU3FiTUc5YzgxbjF6M2hrcDRsbE84RXpzVGRER3haaGdjTEo3VjdpWGxrcGRXSWFhVk13WlhDMC8wZHAvcDBFMEh5QVlSdjJONENSMTY5OS9LMndScXVFZG1BbU5Ncjhubyt1VDhRMEpvcVowdkdERUlxZ3BIME9iNW5MMVFkYmVkdlgzdUNreWt3SFZBbHdPRUFIUzlway9UdzhmYjZtaENXbG1hS3pkQ2N2Z0JUbnozV0N3VFhldHVrL016d0xUd2VrV1laRGI3ZnVBK01qN2E4djk3K2xKTVRjbkZnPXw&cppv=2

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

860c03f6c1c151f44b2a0f37135538dcfe60251da5d5eaea3071227ca0c2e315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1606404
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=badk4Xw3SGtZcmhPYWZEZHkvU3FiTUc5YzgxbjF6M2hrcDRsbE84RXpzVGRER3haaGdjTEo3VjdpWGxrcGRXSWFhVk13WlhDMC8wZHAvcDBFMEh5QVlSdjJONENSMTY5OS9LMndScXVFZG1BbU5Ncjhubyt1VDhRMEpvcVowdkdERUlxZ3BIME9iNW5MMVFkYmVkdlgzdUNreWt3SFZBbHdPRUFIUzlway9UdzhmYjZtaENXbG1hS3pkQ2N2Z0JUbnozV0N3VFhldHVrL016d0xUd2VrV1laRGI3ZnVBK01qN2E4djk3K2xKTVRjbkZnPXw&cppv=2
access-control-allow-origin: https://stud.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 650980
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
621 B 196ms
62ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

f245bed8262fd952673d1e564d618932e432c28ae4ca4f8543bdab8ad28086fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stud.com.ua
date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 683C 52 KB
17 KB 238ms
59ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 20 Nov 2022 02:49:44 GMT
ETag: "623de86a-cf34"
Expires: Mon, 21 Nov 2022 02:49:46 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6CA8 15 KB
6 KB 180ms
54ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=145049
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 02:49:44 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 21 Nov 2022 19:07:13 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 726B 0
0 55ms
53ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13459965
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Sun, 20 Nov 2022 02:49:44 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap5ams1

GET
H2 204 /
onetag-sys.com/usync/ Frame 9098 0
0 65ms
61ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1668912581037&gdpr=0

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 5E9D 603 B
782 B 62ms
60ms Document
text/html 188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/452998/hb_307789_6902.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 0ac2d4740122adfd4a45b0c363a196977baba657a5d8f2327162e0e9ad492789

Request headers

Referer: https://stud.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 603
content-type: text/html

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56

0
404 B

190ms
190ms

Image
text/plain

62.149.1.122
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: HTTP/1.1
Server: 62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:44 GMT
Server: Adtelligent
Etag: 4aa597f02e2c2245
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=60779ea3-80b3-40af-9c9e-d679f9723e56
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&gdpr=0
https://stags.bluekai.com/site/92145?id=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=

43 B
145 B

57ms
56ms

Image
image/gif

3.66.124.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Server: 3.66.124.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-124-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
date: Sun, 20 Nov 2022 02:49:45 GMT
content-length: 0
bk-server: 3117
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

match
ads.betweendigital.com/ Frame 5E9D
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetwe...
https://x.bidswitch.net/sync?dsp_id=354&user_id=ff1d34b81fb14484add670617e083d36&ssp=between&bsw_param=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f&gdpr=&consent=&gdpr_pd=&expires=7
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb

68 B
607 B

60ms
60ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 5E9D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1Wd0loeE1oRTJ1RUhqbTZLdkVlb3haMGRwM3AuMXp6Z0thRnpsT1UtfkE%3D&gdpr=0&gdpr_consent=

68 B
607 B

66ms
65ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1Wd0loeE1oRTJ1RUhqbTZLdkVlb3haMGRwM3AuMXp6Z0thRnpsT1UtfkE%3D&gdpr=0&gdpr_consent=
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1Wd0loeE1oRTJ1RUhqbTZLdkVlb3haMGRwM3AuMXp6Z0thRnpsT1UtfkE%3D&gdpr=0&gdpr_consent=
date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 5E9D 0
70 B 195ms
59ms Image
text/plain 178.63.43.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=9652bf11-dbc1-5244-b63f-f1cdd5466408
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.43.235 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.43.63.178.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:44 GMT
server: nginx/1.17.10

GET
H2

200

match
ads.betweendigital.com/ Frame 5E9D
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5kUwGCQNAZF.AikABlGEkvEY1w

68 B
607 B

66ms
60ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5kUwGCQNAZF.AikABlGEkvEY1w
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:45 GMT
server: nginx
x-backend-id: f23-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=5kUwGCQNAZF.AikABlGEkvEY1w
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0D77 42 B
64 B 102ms
101ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunuWO3ymBlwpGCv257EIkkJzFGcc60wQkvW8zax81nGGGkTsVFTmXh7-4plGpvlM5yyN6gI1XekyqhxhJwjJmTyw0WMBmVPDsn6_1NcZh4WJnJH-QVBDgs-SZp94nRHqcbTBW2WbekaYazmu_TGhowLxIpNaRgvqTn&sai=AMfl-YQfijU1aPzURlHMaYghHKyEPDypQeEXq3Xf4gJnncBRbA0mL6yiYWTMfI1LeH_J0pgwOXRSzHamOcHF0_HoGrrL_6KY_wMoetfFEzcxnkuh3IMuF_UDmIJgGi2vyrY&sig=Cg0ArKJSzGtanfjCwAuaEAE&cid=CAQSPADq26N95K8jsMzZKAmlcO-nVWgX01o0RsacGJS3R_FriJy72OI5ZOnPUJCHrJqu5kFOgU_vxqv_O0VarxgBIBM&id=ampim&o=315,10&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1135&mtos=0,0,1135,1135,1135&tos=0,0,1135,0,0&tfs=333&tls=1468&g=100&h=100&tt=1468&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://stud.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame CD13 4 KB
1 KB 223ms
53ms Document
text/html 151.236.118.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9652bf11-dbc1-5244-b63f-f1cdd5466408&CACHEBUSTER=88197
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Referer: https://ads.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 20 Nov 2022 02:49:44 GMT
etag: W/"60bf907f-ee9"
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
server: nginx
x-cdn-edge-cache: HIT
x-cdn-edge-id: 310
x-cdn-request-id: 2f0b320e073589757d5117e8160df4b5

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4844 16 B
232 B 93ms
92ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 159ms
44ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:44 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4844 16 B
232 B 91ms
90ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 152ms
45ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:44 GMT
server: nginx

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6CA8 5 KB
6 KB 59ms
59ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42533133&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3c07a2502c4a56527ac547d4adf8648b886d808b26a034c89c34bf8283c7c0d4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 20 Nov 2022 02:49:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E581 16 B
232 B 95ms
93ms Fetch
application/json 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-11-224-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 126ms
44ms Preflight 3.11.224.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.224.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-224-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 20 Nov 2022 02:49:44 GMT
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 683C 0
743 B 55ms
55ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:44 GMT
AN-X-Request-Uuid: 6333737a-355d-4c6a-b1a7-ff0783b34ec2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 129E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=

35 B
468 B

70ms
70ms

Document
image/gif

37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 20 Nov 2022 02:49:45 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 20 Nov 2022 02:49:44 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 72A5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5948669038099671985

42 B
295 B

59ms
57ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5948669038099671985
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5948669038099671985
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 29DC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f59f6379-95c8-4400-ac47-61a9064532f6&gdpr=0&gdpr_consent=

42 B
556 B

95ms
59ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f59f6379-95c8-4400-ac47-61a9064532f6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:49:44 GMT
Expires: Sun, 20 Nov 2022 02:49:43 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 169 32252b7 master cdg-pixel-x11 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f59f6379-95c8-4400-ac47-61a9064532f6&gdpr=0&gdpr_consent=

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 06F7 43 B
363 B 154ms
49ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:44 GMT
expires: Sun, 20 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 563317
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame BF0E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

213ms
213ms

Document
image/gif

52.95.126.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:49:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 88949HRDEPWZP8XPHDF1

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 20 Nov 2022 02:49:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: GZJD8WPNFQGKW0J6421K

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 970F
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6908932938425473278&gdpr=0&gdpr_consent=

42 B
219 B

197ms
61ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6908932938425473278&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: c5eba1d2-f457-4bd5-8acd-b9317799faf1
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Nov 2022 02:49:44 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6908932938425473278&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 34FE
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz

42 B
415 B

200ms
58ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 20 Nov 2022 02:49:44 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E0C7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167924968180611211&gdpr=0&gdpr_consent=

42 B
297 B

89ms
60ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167924968180611211&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sun, 20 Nov 2022 02:49:44 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7167924968180611211&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 039D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLb3JFN0c4eXdBQUNFRmh0MWs1UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
433 B

55ms
54ms

Document
image/gif

54.195.228.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.228.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-228-204.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 43
Date: Sun, 20 Nov 2022 02:49:45 GMT
Server: gunicorn
cache-control: no-cache, must-revalidate
content-type: image/gif
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Nov 2022 02:49:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E120
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DI4zSDP_Q2Rz-4PN7vrnOVLHgiY

42 B
301 B

60ms
59ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DI4zSDP_Q2Rz-4PN7vrnOVLHgiY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 20 Nov 2022 02:49:45 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=DI4zSDP_Q2Rz-4PN7vrnOVLHgiY

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BDD8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3mVyAAAAT_zlQAO&gdpr=0&gdpr_consent=&_test=Y3mVyAAAAT_zlQAO

1 B
221 B

59ms
59ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3mVyAAAAT_zlQAO&gdpr=0&gdpr_consent=&_test=Y3mVyAAAAT_zlQAO
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 20 Nov 2022 02:49:45 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y3mVyAAAAT_zlQAO&gdpr=0&gdpr_consent=&_test=Y3mVyAAAAT_zlQAO
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4039-HHN
x-timer: S1668912585.098399,VS0,VE0

GET
H2 204 /
csync.loopme.me/ Frame D044 0
0 196ms
63ms Document
text/plain 35.214.223.115
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.223.115 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 115.223.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
server: _

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame B48E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
418 B

206ms
197ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 76cddfc8fb93406b-LHR
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 76cddfc7bac2406b-LHR
content-type: text/html
date: Sun, 20 Nov 2022 02:49:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 2257

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 7AB7 0
0 365ms
117ms Document
text/plain 5.161.54.172
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.161.54.172 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),

Reverse DNS

static.172.54.161.5.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Date: Sun, 20 Nov 2022 02:49:45 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0118 43 B
279 B 311ms
78ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sun, 20 Nov 2022 02:49:45 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-69b1d3f964ac@version_1.530v3
X-core-time: 1ms
X-server-arch: v2

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 7363
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1668912584962
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4263734806

70 B
264 B

58ms
56ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4263734806
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 20 Nov 2022 02:49:45 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sun, 20 Nov 2022 02:49:45 GMT
etag: RX7cc10f521e0843fa94b04ff685c7b77d003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4263734806
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 15DD
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
https://sync.crwdcntrl.net/map/ct=y/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3d49aa6e1bc89c27b8806a3b81b6e4e5&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQXaRjUTMSVaXVVb

42 B
301 B

58ms
58ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQXaRjUTMSVaXVVb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaQXaRjUTMSVaXVVb

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4F9F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w4pbqrbn1OWAoV5&gdpr=0&gdpr_consent=

42 B
245 B

60ms
59ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w4pbqrbn1OWAoV5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 20 Nov 2022 02:49:44 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:w4pbqrbn1OWAoV5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KVs6u8vqQVmiBJh_fpP4fA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

55ms
54ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=145049
accept-ranges: bytes
content-length: 5549
expires: Mon, 21 Nov 2022 19:07:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4aba6379-95c8-4000-8c21-3fbe2c10f61a

0
128 B

137ms
55ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4aba6379-95c8-4000-8c21-3fbe2c10f61a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 20 Nov 2022 02:49:44 GMT
Server: MT3 169 32252b7 master cdg-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4aba6379-95c8-4000-8c21-3fbe2c10f61a
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Nov 2022 02:49:43 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 6CA8
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

55ms
55ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjk1QjNBQkItQ0JFQS00MTU5LUEyMDQtOTg3RjdFOTNGODdD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

178ms
57ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGy6CXryBHScwOsKQtCHkJ4&google_cver=1

42 B
380 B

177ms
59ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGy6CXryBHScwOsKQtCHkJ4&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGy6CXryBHScwOsKQtCHkJ4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6CA8 43 B
610 B 185ms
56ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 19 Nov 2022 02:49:44 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2191524053000893781

42 B
217 B

59ms
59ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2191524053000893781
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2191524053000893781
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6CA8 70 B
265 B 177ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=791a4f9b-3d49-4f4e-ace6-8f73c557362e&expires=1&user_group=5&ssp=pubmatic&bsw_param=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

59ms
59ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb&gdpr=&gdpr_consent=&gdpr_pd=
date: Sun, 20 Nov 2022 02:49:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 295B3ABB-CBEA-4159-A204-987F7E93F87C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6CA8 43 B
426 B 185ms
58ms Image
image/gif 2a05:d018:d29:3602:574e:c78f:197:6bf7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/295B3ABB-CBEA-4159-A204-987F7E93F87C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:574e:c78f:197:6bf7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=295B3ABB-CBEA-4159-A204-987F7E93F87C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c9V8XoBE2uV2z9Fruu48tBV5PycUvtM-~A&gdpr=0&gdpr_consent=

0
260 B

185ms
54ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c9V8XoBE2uV2z9Fruu48tBV5PycUvtM-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-c9V8XoBE2uV2z9Fruu48tBV5PycUvtM-~A&gdpr=0&gdpr_consent=
date: Sun, 20 Nov 2022 02:49:44 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6CA8 0
104 B 237ms
95ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=295B3ABB-CBEA-4159-A204-987F7E93F87C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&gdpr=0&gdpr_consent=

42 B
408 B

57ms
57ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:45 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3830597427083284717&gdpr=0&gdpr_consent=&us_privacy=

1 B
273 B

65ms
62ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3830597427083284717&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3830597427083284717&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d4a79a51-91bd-4014-9002-d5facd85cffb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

59ms
59ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d4a79a51-91bd-4014-9002-d5facd85cffb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:d4a79a51-91bd-4014-9002-d5facd85cffb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 20 Nov 2022 02:49:45 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6CA8
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6908932938425473278

42 B
95 B

59ms
59ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6908932938425473278
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:45 GMT
AN-X-Request-Uuid: a3b3e240-a28c-4718-a05e-5eca7c65668f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=6908932938425473278
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 210ms
63ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 20 Nov 2022 02:49:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 445554
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

match
ads.betweendigital.com/ Frame CD13
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b08c533a-6fc8-45d8-be80-a73d97bdce67&user_group=1&ssp=between&bsw_param=6e3c42f1-2e98-45e8-ac41-3bb51ac6257f
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb

68 B
607 B

61ms
61ms

Image
image/png

188.42.189.231
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
Requested by: Host: stud.com.ua
URL: https://stud.com.ua/
Protocol: H2
Server: 188.42.189.231 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
date: Sun, 20 Nov 2022 02:49:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

fde09098-687d-11ed-ab15-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame CD13
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync.bumlam.com/?src=aid0&s_data=CAIQARjJq-abBqIBEP3gkJhofRHtqxUAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=fde09098-687d-11ed-ab15-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=fde09098-687d-11ed-ab15-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=dRJ9aJVFa2s88Q6SHiD%2BWw&
https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437
https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437?redir-setuniq=1

43 B
108 B

96ms
96ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437?redir-setuniq=1

Requested by

Host: stud.com.ua
URL: https://stud.com.ua/

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Nov 2022 02:49:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 20 Nov 2022 02:49:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Nov 2022 02:49:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 20 Nov 2022 02:49:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adsniperis/fde09098-687d-11ed-ab15-002590c82437?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 20 Nov 2022 02:49:46 GMT

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ Frame B9FC 61 B
529 B 55ms
54ms XHR
application/json 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=03794bc4-679e-4bd8-a1c0-bb41680c2dee

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

91b66ea17929feeda2a50c81865f4181321e61bc21e0bc2354b1ac679e09fd07

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://stud.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 20 Nov 2022 02:49:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://stud.com.ua
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 683C 0
743 B 56ms
55ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Nov 2022 02:49:45 GMT
AN-X-Request-Uuid: 757b96ce-6c56-42ea-a9f4-43512836fb1c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C126
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

189ms
57ms

Document
text/html

104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=9652bf11-dbc1-5244-b63f-f1cdd5466408&CACHEBUSTER=88197
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://cache.betweendigital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Nov 2022 02:49:47 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 20 Nov 2022 02:49:47 GMT
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server: AkamaiGHost

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6CA8 0
128 B 63ms
54ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 02:49:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C126 34 KB
10 KB 58ms
57ms Script
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Nov 2022 02:49:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 05:41:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10322
Connection: keep-alive
Content-Length: 10066
Expires: Sun, 20 Nov 2022 05:41:49 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C126 284 B
536 B 222ms
56ms Image
image/jpg 69.173.144.165

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET 88197
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame CD13 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOePy1x8trtTrYEWuSYXhEE&google_cver=1&google_push=ASkJ3Fatp3540LNOI70wGLbmLzAbWUhpSh3mupXjQuAjYyGnqL7PLOifJijrHmDzuWNyRnAtWrHvfbygqua5uINe3XAaJdAmI0St

Domain: www.tns-counter.ru
URL: https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/88197

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

131 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stud.com.ua/	1969-12-31 23:59:59	Name: ca Value: DE
.stud.com.ua/	1970-01-20 17:11:12	Name: _ga Value: GA1.3.1876514594.1668912580
.stud.com.ua/	1970-01-20 07:36:38	Name: _gid Value: GA1.3.788317036.1668912580
.stud.com.ua/	1970-01-20 07:35:12	Name: _gat Value: 1
stud.com.ua/	1970-01-20 08:18:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.stud.com.ua/	1970-01-20 16:20:48	Name: _pubcid Value: 1a8b59f0-24fc-45f8-bf15-f236d0cec670
.stud.com.ua/	1970-01-20 16:56:48	Name: __gads Value: ID=afa453107775fb54:T=1668912580:S=ALNI_MbFNp_BDzJ3JocQHfO6h2-N4TBxhw
.stud.com.ua/	1970-01-20 16:56:48	Name: __gpi Value: UID=00000b842a9c9c62:T=1668912580:RT=1668912580:S=ALNI_MYpK9geF-OJ5497BpGsHGBUfMc0qw
.betweendigital.com/	1970-01-20 16:20:48	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 16:20:48	Name: tuuid Value: 9652bf11-dbc1-5244-b63f-f1cdd5466408
.betweendigital.com/	1970-01-20 16:20:48	Name: ss Value: 1
.betweendigital.com/	1970-01-20 16:20:48	Name: unm Value: 1
.admixer.net/	1970-01-20 09:44:48	Name: am-uid Value: ff1d34b81fb14484add670617e083d36
.lijit.com/	1970-01-20 16:20:48	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/	1970-01-20 16:20:48	Name: ljt_reader Value: FrjptBZHN731HNMUTAqf_1cS
a4p.adpartner.pro/	1970-01-20 09:01:36	Name: apuid Value: 60779ea3-80b3-40af-9c9e-d679f9723e56
.adnxs.com/	1970-01-20 09:44:48	Name: icu Value: ChgIq9pcEAoYASABKAEwxavmmwY4AUABSAEQxavmmwYYAA..
.adnxs.com/	1970-01-20 09:44:48	Name: uuid2 Value: 6908932938425473278
.doubleclick.net/	1970-01-20 16:56:48	Name: IDE Value: AHWqTUk3qwCJ2c001t_xYZy6pbd3Rpv11xmh38tr9ZBHQSpGoPsb_iji_L0fEHPO0HQ
.doubleclick.net/	1970-01-20 07:35:13	Name: test_cookie Value: CheckForPermission
.adtelligent.com/	1970-01-20 09:04:29	Name: vmuid Value: 4aa597f02e2c2245
.adtelligent.com/	1970-01-20 09:04:29	Name: a307558 Value: 60779ea3-80b3-40af-9c9e-d679f9723e56
.casalemedia.com/	1970-01-20 16:20:48	Name: CMID Value: Y3mVxu0ej-Lv8WuN8yHpSgAA
.casalemedia.com/	1970-01-20 09:44:48	Name: CMPS Value: 1825
.casalemedia.com/	1970-01-20 09:44:48	Name: CMPRO Value: 1825
.quantserve.com/	1970-01-20 17:05:26	Name: mc Value: 637995c6-5e83c-e1cd8-7636f
.agkn.com/	1970-01-20 16:20:48	Name: ab Value: 0001%3A%2BQY3Dmj%2BKJJO0tqtBLox1dspDrlCwUa5
.agkn.com/	1970-01-20 16:20:48	Name: u Value: C\|0CEArDFJGKwxSRgAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 09:44:48	Name: uuid Value: e4088c46-35cf-44d8-a7db-ff2d84d83a69-20221119 21:49:42
.pubmatic.com/	1970-01-20 09:44:48	Name: KADUSERCOOKIE Value: 295B3ABB-CBEA-4159-A204-987F7E93F87C
.e.dlx.addthis.com/	1970-01-20 17:05:26	Name: na_tc Value: Y
.doubleclick.net/	1970-01-20 07:35:16	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 09:44:48	Name: CMTS Value: 219
.addthis.com/	1970-01-20 17:05:26	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 08:18:24	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:18:24	Name: na_sr Value: 20221120
.dlx.addthis.com/	1970-01-20 07:35:12	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:18:24	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 17:05:26	Name: na_id Value: 2022112002494200039508566777
.addthis.com/	1970-01-20 17:05:26	Name: uid Value: 637995c69e41a10c
.addthis.com/	1970-01-20 17:05:26	Name: ouid Value: 637995c60001c98bf0adb5e143d54da5cf2616c8806183dbe369
.awin1.com/	1970-01-20 07:38:05	Name: awpv16798 Value: 412871\|1668912583\|fc425640-687d-11ed-9792-223985e9a9b7
.awin1.com/	1970-01-20 07:38:05	Name: awpv20044 Value: 412871\|1668912583\|fc425641-687d-11ed-9792-223985e9a9b7
.awin1.com/	1970-01-20 07:39:31	Name: awpv11354 Value: 412871\|1668912583\|fc442b00-687d-11ed-bfbc-22342ff4a6f7
.simptrack.com/	1970-01-20 09:44:48	Name: ntm_tps__4011 Value: NNtNxf50VJe-ooYkgq13pZKjo6KTePHi2TIqLAupOCu-XO8HkAKdx16FyiZC6FQmZrP2y71fe3WIi8uKyATh8z0mHV5bCm5VBH2N26GZF3yNeFqcFOGEKwxgeAy92HfymrVjS6xzwq5XQ6xKWP-Ki7nJ42QBdRA1quGWGJ3bDu_Dllc3XkmNAzTSyc0JeYq-ZYC-6GlkreKO-u1ORxMx5UgCDaCqNTNyI4m7vHMVKvPGcuE0XXjFt6RXUFktlPIBH3dAcL_rQvxt3Z5gK7Q80SGB9tH_yB9r_fDoJadEop32MfgxaGzqOSDx3F3xcWejgNh8_SPOZRiHDDJZNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 09:44:48	Name: v0rur7gqspb3_uid Value: 80d26dc91f28aa68
.zenaps.com/	1970-01-20 07:39:31	Name: awpv11354 Value: 412871\|1668912583\|fc442b00-687d-11ed-bfbc-22342ff4a6f7
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
stud.com.ua/	1970-01-20 16:20:48	Name: edu_chat Value: {%22depth%22:1%2C%22end%22:%222023-11-20T02:49:43.377Z%22}
.awin1.com/	1970-01-20 07:45:17	Name: awpv11938 Value: 412871\|1668912583\|fc712e70-687d-11ed-adce-2234a4c513ba
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
www.conrad.de/	1970-01-20 07:42:24	Name: HTLP_timestamp Value: 1668912583
www.conrad.de/	1970-01-20 07:42:24	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 07:35:14	Name: __cf_bm Value: fP0oxoHrIc7IXQ1gbHbgMmA6hvN0_1ah1cYpzpaowAM-1668912583-0-AeZB+8f5RZF0QR4O/PpGmaKLJei5EU1Kgt3dFsx4mhERawWWcsNVqZNcnDXW12gabCWwpTZ6+DJ2GTQlfYUSWaw=
.congstar.de/	1970-01-20 07:45:20	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1668912583_fc712e70-687d-11ed-adce-2234a4c513ba%22%2C%22sp%22%3A%22awin%22%7D
.blau.de/	1970-01-20 07:45:17	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjY4OTEyNTgzdmxlYTFkZTIwMjIxMTIwMDM0OTQzNzg3MDM3MDIxMzdYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 07:45:17	Name: nscQ486 Value: V
.blau.de/	1970-01-20 07:45:17	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022112003494378703702137X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.o2online.de/	1970-01-20 07:45:17	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2ODkxMjU4M3ZsZWExZGUyMDIyMTEyMDAzNDk0Mzc4NzAzNzAyMTM5WDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/	1970-01-20 07:45:17	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 07:45:17	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022112003494378703702139X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY2ODkxMjU4M3ZsZWExZGUyMDIyMTEyMDAzNDk0Mzc4NzAzNzAyMTM5WDExNzcwM1YxMjI2MTMyNzAyT
.ads.pubmatic.com/	1970-01-20 07:36:38	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 09:44:48	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 07:36:38	Name: pi Value: 156813:3
.pubmatic.com/	1970-01-20 09:44:48	Name: DPSync3 Value: 1670112000%3A201_197_219%7C1668988800%3A174
.pubmatic.com/	1970-01-20 09:44:48	Name: SyncRTB3 Value: 1671494400%3A203%7C1669507200%3A15_2_223%7C1670198400%3A35%7C1669766400%3A63%7C1670112000%3A56_81_166_21_234_243_88_161_8_233_22_204_99_13_251_3_55_176_220_238_5_7_54_71
.bidswitch.net/	1970-01-20 16:20:48	Name: c Value: 1668912584
.bidswitch.net/	1970-01-20 16:20:48	Name: tuuid_lu Value: 1668912584
.quantserve.com/	1970-01-20 09:44:48	Name: d Value: ELABDgHPJ4EO-TA
.bidswitch.net/	1970-01-20 16:20:48	Name: tuuid Value: 3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
.analytics.yahoo.com/	1970-01-20 16:20:48	Name: IDSYNC Value: 199l~28e2
.yahoo.com/	1970-01-20 16:21:10	Name: A3 Value: d=AQABBMiVeWMCEI63uS5GihJYXh9UFtpoGlQFEgEBAQHnemODYwAAAAAA_eMAAA&S=AQAAAkK05McxD65lPr1gfIhBlZQ
.sitescout.com/	1970-01-20 16:20:48	Name: ssi Value: ece10878-e20d-496d-a0d2-e3c65d070045#1668912584936
.adhigh.net/	1970-01-20 16:20:48	Name: gi_u Value: 5kUwGCQNAZF.AikABlGEkvEY1w
.mathtag.com/	1970-01-20 17:01:07	Name: uuid Value: 4aba6379-95c8-4000-8c21-3fbe2c10f61a
.adfarm1.adition.com/	1970-01-20 09:44:48	Name: UserID1 Value: 7167924968180611211
.simpli.fi/	1970-01-20 16:22:14	Name: suid Value: 40A525DC6881439FAD7D82A76B2F1A44
.onaudience.com/	1970-01-20 07:36:38	Name: done_redirects147 Value: 1
.turn.com/	1970-01-20 11:54:24	Name: uid Value: 3830597427083284717
.de17a.com/	1970-01-20 16:13:36	Name: guid Value: 1.5948669038099671985
.sitescout.com/	1970-01-20 08:18:24	Name: _ssuma Value: eyI0NSI6MTY2ODkxMjU4NDk4NH0
.adform.net/	1970-01-20 08:18:24	Name: C Value: 1
.w55c.net/	1970-01-20 17:04:00	Name: wfivefivec Value: w4pbqrbn1OWAoV5
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_153 Value: 1923-c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz&KRTB&19420-c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz&KRTB&22979-c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz&KRTB&23403-c3akAnxw8A1ocPYDdia-XnQm9wNocqUIcyP-wlLz
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_80 Value: 22987-CAESEGy6CXryBHScwOsKQtCHkJ4&KRTB&16514-CAESEGy6CXryBHScwOsKQtCHkJ4&KRTB&23025-CAESEGy6CXryBHScwOsKQtCHkJ4&KRTB&23386-CAESEGy6CXryBHScwOsKQtCHkJ4
.1rx.io/	1970-01-20 16:20:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7cc10f52-1e08-43fa-94b0-4ff685c7b77d-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adhigh.net/	1970-01-20 16:20:48	Name: btw_sync Value: jZI
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_27 Value: 16735-uid:f59f6379-95c8-4400-ac47-61a9064532f6&KRTB&16736-uid:f59f6379-95c8-4400-ac47-61a9064532f6&KRTB&23019-uid:f59f6379-95c8-4400-ac47-61a9064532f6&KRTB&23208-uid:f59f6379-95c8-4400-ac47-61a9064532f6
.pubmatic.com/	1970-01-20 08:18:24	Name: KRTBCOOKIE_1101 Value: 23040-7167924968180611211&KRTB&23369-7167924968180611211
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_57 Value: 22776-6908932938425473278&KRTB&23339-6908932938425473278
.pubmatic.com/	1970-01-20 08:18:24	Name: KRTBCOOKIE_22 Value: 14911-3830597427083284717&KRTB&23150-3830597427083284717
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_188 Value: 3189-ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&KRTB&23418-ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348&KRTB&23424-ece10878-e20d-496d-a0d2-e3c65d070045-637995c8-4348
.everesttech.net/	1970-01-20 16:20:48	Name: everest_g_v2 Value: g_surferid~Y3mVyAAAAT_zlQAO
.bidr.io/	1970-01-20 17:03:42	Name: bito Value: AAKorE7G8ywAACEFht1k5Q
.bidr.io/	1970-01-20 17:03:42	Name: bitoIsSecure Value: ok
.w55c.net/	1970-01-20 08:18:24	Name: matchpubmatic Value: 5
.nrich.ai/	1970-01-20 17:11:12	Name: _nauid Value: 791a4f9b-3d49-4f4e-ace6-8f73c557362e
.adform.net/	1970-01-20 09:01:36	Name: uid Value: 2224553107485577217
.pubmatic.com/	1970-01-20 08:18:24	Name: SPugT Value: 1668912583
.pubmatic.com/	1970-01-20 08:18:24	Name: KRTBCOOKIE_336 Value: 5844-5948669038099671985
.adsby.bidtheatre.com/	1970-01-20 07:45:17	Name: __kuid Value: d4a79a51-91bd-4014-9002-d5facd85cffb.438126585
.onaudience.com/	1970-01-20 16:20:48	Name: cookie Value: 0d209c67f8502551
.onaudience.com/	1970-01-20 07:36:38	Name: done_redirects200 Value: 1
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_107 Value: 1471-uid:w4pbqrbn1OWAoV5&KRTB&23421-uid:w4pbqrbn1OWAoV5&KRTB&23429-uid:w4pbqrbn1OWAoV5
.pubmatic.com/	1970-01-20 08:18:24	Name: KRTBCOOKIE_391 Value: 22924-2191524053000893781&KRTB&23263-2191524053000893781
ads.playground.xyz/	1970-01-20 07:44:08	Name: connect.sid Value: s%3A6LaxJms2xRfnAN-pzgEH9dfqjwjD9XLQ.aUW0Rrz%2BROaFkmEWj7VRYnf7U6MIKnJi60OyUpN8ydg
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_218 Value: 4056-Y3mVyAAAAT_zlQAO&KRTB&22978-Y3mVyAAAAT_zlQAO&KRTB&23194-Y3mVyAAAAT_zlQAO&KRTB&23209-Y3mVyAAAAT_zlQAO
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_466 Value: 16530-3bb24fd5-348b-4b8d-ba5a-eebaecba2ecb
.amazon-adsystem.com/	1970-01-20 12:56:19	Name: ad-id Value: A6kZeg1KT0mKiwbzSLqORlU
.amazon-adsystem.com/	1970-01-20 17:11:12	Name: ad-privacy Value: 0
.stud.com.ua/	1970-01-20 16:56:48	Name: cto_bundle Value: d5ncTV9TJTJGWVNwTiUyQjRzelYlMkJSTEJTWjVuYTAlMkJXanNLTXRjYWRSM2RxYjhXWlRkS01HZmlmVG5zellucFFBbDg3OSUyQlFISXElMkZIZVpGZyUyQnI3aGVIRzF5JTJGR3dVVjMlMkJoTFF4SHlLYVRwQlJEWFZ2RlYwWGRsUXFPRTVTcXFNMXZZRVRVVVN4UQ
.stud.com.ua/	1970-01-20 16:56:48	Name: cto_bidid Value: iz_MNV9PRTlkc01GVUJES0lxdE01NmJ1OTVmMFEzcnlOdnc4NzR2N2hTNFRDQW4lMkZjRElMcUlvQ0lNRUJEZ2t2cDAlMkZ1RTNPRExoJTJGR2hNRUtRT2J0cmN0aEJ2ZyUzRCUzRA
sync.srv.stackadapt.com/	1970-01-20 16:20:48	Name: sa-user-id Value: s%3A0-0c8e3348-33ff-4364-73fb-83cdeefae739.vEbdzkrJR9ZQD05ghWEdDRaFVzFupYSTYOQN967zMOM
.srv.stackadapt.com/	1970-01-20 16:20:48	Name: sa-user-id-v2 Value: s%3ADI4zSDP_Q2Rz-4PN7vrnOVLHgiY.qrypKoadUJGWLpqwOjUMjTW1pGYoSSy%2Bx9rWrHP63Nk
.tribalfusion.com/	1970-01-20 09:44:48	Name: ANON_ID Value: aRntmIPME7fQmKvCiHh8e4tOrVAvs4ho2cZaErwMFfF54BWPritjQMZbMnVpoZaIrj3k95bXK3pfIPFw7VKMu26052Y
.pubmatic.com/	1970-01-20 09:44:48	Name: KRTBCOOKIE_860 Value: 16335-DI4zSDP_Q2Rz-4PN7vrnOVLHgiY&KRTB&23334-DI4zSDP_Q2Rz-4PN7vrnOVLHgiY&KRTB&23417-DI4zSDP_Q2Rz-4PN7vrnOVLHgiY&KRTB&23426-DI4zSDP_Q2Rz-4PN7vrnOVLHgiY
pool.admedo.com/	1970-01-20 16:20:48	Name: tuuid Value: b08c533a-6fc8-45d8-be80-a73d97bdce67
pool.admedo.com/	1970-01-20 16:20:48	Name: c Value: 1668912585
pool.admedo.com/	1970-01-20 16:20:48	Name: tuuid_lu Value: 1668912585
.crwdcntrl.net/	1970-01-20 14:03:58	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 14:03:58	Name: _cc_id Value: 3d49aa6e1bc89c27b8806a3b81b6e4e5
.pubmatic.com/	1970-01-20 08:18:24	Name: KRTBCOOKIE_409 Value: 22966-39puKE4JaQXaRjUTMSVaXVVb
.pubmatic.com/	1970-01-20 08:18:24	Name: PugT Value: 1668912585
.betweendigital.com/	1970-01-20 16:20:48	Name: ut Value: Y3mVyQAJ8uDjCHjD8b03siWipqhujBUzS42AbA==
stud.com.ua/	1970-01-20 08:18:24	Name: admixerId Value: ff1d34b81fb14484add670617e083d36
.bumlam.com/	1970-01-20 17:11:12	Name: suuid3 Value: IiRmZGUwOTA5OC02ODdkLTExZWQtYWIxNS0wMDI1OTBjODI0Mzc*
.aidata.io/	1970-01-20 17:11:12	Name: __upin Value: dRJ9aJVFa2s88Q6SHiD+Ww
.aidata.io/	1970-01-20 17:11:12	Name: __upints Value: 1668912586
x01.aidata.io/	1970-01-20 07:35:12	Name: adsnpr Value: 1
.yandex.ru/	1970-01-20 17:11:12	Name: yuidss Value: 61808851668912586
.yandex.ru/	1970-01-20 17:11:12	Name: yandexuid Value: 61808851668912586

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOePy1x8trtTrYEWuSYXhEE&google_cver=1&google_push=ASkJ3Fatp3540LNOI70wGLbmLzAbWUhpSh3mupXjQuAjYyGnqL7PLOifJijrHmDzuWNyRnAtWrHvfbygqua5uINe3XAaJdAmI0St Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-9237573666471195&fa=1&ifi=10&uci=a!a&btvi=1&xpc=zBjKzfY1Kr&p=https%3A//stud.com.ua Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63e2d93e744c9c06e92c1b9162c1ca0e.safeframe.googlesyndication.com
a.tribalfusion.com
a1236acaf59c76d1691e79ba6199f3b3.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ag.innovid.com
an.yandex.ru
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bidder.criteo.com
c1.adform.net
c2shb.ssp.yahoo.com
cache.betweendigital.com
cdn.admixer.net
cdn.ampproject.org
cdn.track.production.webgains.team
chart.googleapis.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cs.admanmedia.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
e.dlx.addthis.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
inv-nets.admixer.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
prod-rtb.ad4mat.net
pubmatic-match.dotomi.com
px.adhigh.net
rtb.openx.net
s.seedtag.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stags.bluekai.com
static-de.ad4mat.net
static.criteo.net
stud.com.ua
studlancer.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.bumlam.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.mathtag.com
sync.srv.stackadapt.com
tm.simptrack.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
ups.analytics.yahoo.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.tns-counter.ru
www.zenaps.com
x.bidswitch.net
x01.aidata.io
cs.admanmedia.com
googlecm.hit.gemius.pl
www.tns-counter.ru
104.109.78.125
104.111.239.217
13.248.245.213
13.32.121.66
141.94.170.64
141.94.171.215
141.94.242.204
141.95.33.111
142.250.184.230
144.76.87.156
146.0.227.109
148.251.139.77
151.101.194.49
151.236.118.146
159.65.197.210
172.64.154.237
178.250.0.157
178.250.2.151
178.63.43.235
18.133.151.109
18.156.195.47
18.158.77.24
18.66.147.41
185.184.8.90
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.89.210.180
185.89.210.82
188.42.189.231
194.190.76.45
195.5.165.20
198.47.127.20
2.18.232.130
2.18.233.180
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.45
216.52.2.48
216.58.212.130
23.1.110.85
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:19ad
2606:4700::6812:7e05
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a02:6b8::90
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a05:d018:d29:3602:574e:c78f:197:6bf7
2a05:d01c:1d8:8101:d786:ef20:82e3:39f7
2a06:98c1:3120::3
2a0c:5c81:5142::2
3.11.224.13
3.126.56.137
3.66.124.166
31.172.81.158
34.102.253.54
34.149.50.64
34.98.67.61
35.157.182.139
35.204.74.118
35.210.53.219
35.214.223.115
35.227.252.103
35.71.131.137
37.157.3.28
45.133.44.3
5.161.54.172
5.45.72.163
5.45.73.237
51.68.39.188
51.89.9.253
52.57.54.93
52.95.126.138
54.195.228.204
54.243.58.43
54.38.197.123
54.77.35.234
62.149.1.122
66.155.71.25
69.173.144.139
69.173.144.165
72.246.169.24
84.200.5.215
85.114.159.118
88.99.63.132
89.108.119.28
00c2f6f71af570c619a4188e7298bbbb08064450b631b6ce11b14976501b2c53
02afd1162542e3ac4fa9e3a3cd7b3c9b552f30a274e34fd5da7b2533192b9c00
07d90eb50e725a6351f6d54f81dc6c2285ea5bd838941f8d642c6aa7a927ac18
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0911114c06f36fc0ea55a0128370fda466aa9191178fe2e0a68c10b76af0d6b5
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0ac2d4740122adfd4a45b0c363a196977baba657a5d8f2327162e0e9ad492789
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
103b853856bfc76df75179097d28b5a951bba1d982b9e7f8e8ac321935b850c2
10422dc864b5794f3b1609afe32103070e8faa2e296a161d35f536db34ae5f90
1091f1e2ccd70b6e1bce1b047212d0a744dd58311b7c21a57c915c2025ad5966
10b5c9ac34f438b6ba1f666215489f0b7df6ccb28b66873892776cf21941e7e5
110f9df01faaf1c095e17387e051c04eaff94428f9603886ef807e24d9915819
1581977aa39ca8d934cfd40ab9ae68a1de0b4bf3db0c30f0d7345d53440bdeb1
168c790bce25109ea6f5de4218a673a44d789c015d89bf9d7b245e9493680fdb
1712e208001d7ac252f9d01725ec54a909400e7dc1f06a93c541dd39c73aabc1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d4ee293f01ed18df25cd6e34f00c714550e0ec6e0ee96563c8387518baca0de
1d64da72e542961f701853f75b452ae3885d2c0f781304dfa3d48e52bce99b37
2039916483235401902b27c593c789ecd8bb22e991c73bfc660bdabf5002d825
2054965ddcde1b8d52f79108993e5d8bf55cd07ae96061e28e082bc171d06e71
217a3009b7c0a4ee6dec4e9e7a7799142eeee105aff81073af16a2fa63d43945
21fde74fd368016144c12d1bf0f8486c9d4eaea7af6fb01016ad3e94608132f8
2299aeeac368fd2d5c6a747460990c59c72c447a14e3c786a1f6e008aca556e9
262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f
273de9ace5c4e83c3d0e5d2c04140ad012e8a83c36b5bd1a78e709fe699f64ad
29e5bd0de860205475d1b59e10be6ba168924476be298cce645c61e767d9f9f1
2a2e7a9db175f0bb293280acdeca9691ebdd13f07d4e4bbd5eae58296e38432e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dd91b75a8f29450eb47a384fcd94cd88826405557df434dfbf6fd2ab168abcd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f1b67fbe1369c29bbfc916bb111dda07afa9d4ea79d8ac915a9583e7535d069
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a92da3d2476f7a4b87e23ab4a82f0189b58af3491ad67be26dc0920e807b2b
3518a80277c11ee9e03085b9c8a0f1b28c37834c830aea1b9ff23d176b481a61
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379d12bc18d8f62fce29f2e976cc9a2f242cf5587489023a82877d465205bb2b
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
38c184f394967660c214922231ff1e641646cb82a18210d8f2016beda14ac5aa
39604e20e528380300c145e0326b87302a09020a017c9dffa359a069cc0d3b44
39d7aa096f8deeac11bbd830c3c28315c7cbc279827dbfb86bfc865562a822f3
3a0b2e1ab74e77678860f9eda0f8b8583f323993a130fba6e8b7884ba4cdb58e
3aff5e2508fd67e0aa14d8de2213cb56178871275afc38497ecc567239bdf761
3b4b6ad9424d90c084f7f56060396b17d7452517a86c32a4a49c6cfaa86f70e9
3c07a2502c4a56527ac547d4adf8648b886d808b26a034c89c34bf8283c7c0d4
3ccf37dbf96565a4744e0d77bcfafb2eb8d61d67957fed64a319fdd3141fa420
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8df00ca4316220add7106763cd4045d2e7cdb23cc3503223281f9a78f2fefb
3ee72021b294e4463d1bb9cf22fb5b062f306ac6150ed8cc2e6f0bd7f836186a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
443836f1788048fb1f5b855fac8935b6abf7437af73f1203466032e9e63ca587
4492ac465e53794a865f1192c683108aa437df66aca22ad92279882a923e68ee
4676429835a2b8c9f18b8ac4f303fed85374c183999e7b6d3a0817b85bb56f0c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b5ce8d75f6bdb3ca5d82d43ed447d165e366bc67febbdd6bbcebae55ff5f88
4b76681cd76c0b8c3812f3df33b394e5f7134d4684173e468121a20cd81c8cad
4d7d76d24cff60fc24847a49621898e7bbab3509a8362fad2df5fd6780beb2e9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5310f0832e01b69951a4b726dbc1b908803f91b78aa226ecbb27eee35d6304d3
53b427aeb95fe1f53cf45b32228e74b72ebaf890b022d6e464b4ca319bcb7713
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5635ac252e70572647d559374be4750b3a02f664851e9b382be9b59585bd0f43
563e2f1f30883d0d6f38af0a3ab53d70f4ad62ac986381da22770808dec525ee
5bed4cf0a63ad9b4c67cbb6357e88c01d34c2065485df7557651fcdd42f931e5
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
6064376dd2d101705bf6030899190244a59a9a7c7d064e82fcd3cd1d4d593990
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628d9f993c1dd1ffed1ccf31480dac5792c340abcfe8b5cce6c2c7f5868f9ba1
62a8ba3cf733ea321ecb027323978526c422f1db16d05c2459ab9aaafb8c14ba
633fb954e4c608aff445328431b5b0e37bc4ee62c11c110793906913f1923561
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
65e723713ddf34410c46252335a5ab2c002391916894d37d44744af57ea20e44
6614e69c82a3311f949cde0b9cbb4379b8a24aee15b07a8f419ec280e1a5f1b6
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66678b4c4a54bea1dc81540f2af12125b7f09ffc3a77af9e96005d52f82d5e1c
6ae1579dca85975993d4c278b24490bc08a05c9a04526bebbfbe6f8ceb20e731
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6bc7ca08b6253d3467f7ac4b7038dc93fc1078af79cc2783b28175701ab9d44a
6e9c3d168b94b24597bd4e4248d785dc6a94e93f224d65a779302cd7271b446f
6ec28c9bb729f64da5531489131b2ac2c471f11fdc0a5c3d7e590784fb7f93e2
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7188fe94c7d4ee4772e56dd094c74ebd3486182e2323e91f921b8c9416045f7f
76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79e806831d33c6ff3b0ff3f4e03da8a015ca1bbd6c5612e13657ccdeb6fccf54
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7c8bb08a2058ff070884520e3e22c0344278a07d00e11373e16b51f83b92c975
7caa57b6c9a4d8404d77b2232fcb1ce1cf66f1e3def2463f215e61cc421d49c7
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7fcee64c145a0be734ca1776b27e36dffecbdcf9ae2bdf39b38217951d473e39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
860c03f6c1c151f44b2a0f37135538dcfe60251da5d5eaea3071227ca0c2e315
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
864daa7d4b7337ff28c466d6aefb03010766043e2cbcb6aaaa82182690464ec9
869802b0676ae800709c65ef9d689d7c2bc3693247ecae342431a8cb5caf4d23
86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa
87f901400aa8b8ecd36e3aa1e1526cfa2a12fb4d592a054a1578ddf08d4d0f55
8b8dd3f08d077b9c9c7949fb1c5082946bebf0d58df0369e6ed3639f1348d886
8bd44ab8ece5cf08932d8a88464b7264fd9b5cc2e444cb47b6839d3b3d3dd14c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91b66ea17929feeda2a50c81865f4181321e61bc21e0bc2354b1ac679e09fd07
92e4101f248eb6f3e4d62b62bfa4f67fa8ca6d179d6f5047a31c545bcf86bd85
949bfd0b30c650757c02e009a892b6310fa65b904a063ebc7c09cdf2a96ae6c7
959aae6765a11f907ca2545deeb82b06d634ea5605be1ef2d141f6d7217716a6
95d7bb4a057513e40255adf2482ae46f6b16aa210d746c678b391734b02fde95
977182d44117dcbc0b90e30401c67661f3ed69e442d20e4a91244fca5fa62324
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abd094046fa97cc586eb240ff157b0dac4061ae7e0f5149282c285c083e547b
9c107f1c3b05f94f064b509d73831d7cf996ca9582ef96a18c41ec1c26f95564
9c73cb1b857cd6ed9f11f81d94e53b74a5f0de4e6ed5461142b3ccd7705a0ef7
9c7978ecba905d11d79a3f3c0a4efedb60779a5710261b13813c6507b3ba09d4
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e324d37d012282f23161ac60e569a6fa1e57d3decae440424e8b960ab3baf36
9ec0f64e5dbe89db69c74e916f36c0172a2d99ad6f6f2b22ca48e4493f2b3091
9f4619ce185ccf419ca790b2eb7ad34cddc2069d0cd074799bba61efd38b4de1
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a698dc798f7fbfaa85bc9a2548c6897a73448bf9b5e94c81e80296ea8b087569
a77ddd6e1f9a51be62ecf6fe0ac747f0e24420bb72cf4c1bc7421b7faddccf5c
a850379c69109f62304d9ef74d33cee0182b39ed66318bd31d10896e8c07958f
ac5482765476de9f3967da83c41743730b849e7ce79e263ee4e73434285768f9
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b353cd7f22b22d1880bad88087ce835ed56af66c24d95ef6963977a3dc24b347
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56ed1be0654ee7ee91da6713da40479c282019b84c1cf2a0277ce2453c45037
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb71137320fab908f6ba14a42fdae2222c28fe0c2c8d4b592b92b0e3eebebd27
c02693930661ec36a19ffd13fa984ddd5aeed9caa1cb3082efbf066b704fb389
c0b32638f9618f00199de9e38d7e4c93df186ed8836d161d26ac7f248bb3ad38
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c5d758605f202c77326c7d1a11957247217b8389557c0081a6229c617dceb65e
c61efac73f492cfca88ae2c13697f76ce320b6ecc5f016e9d815e6c5f8647122
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cb2c1858f7b7300c0e2cf05973b7e7e111790bb259717d187ba10eef624838be
cc64d1756f7ea9bbd51bb9a79776949b84d251159bea5c0a4fc9f5f037925eb4
cd5ed0f45c06e7fdc61f53a44260d4a1dd8abd8f0efbe961ffee5b7a36c6845c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d494ece81e552d23a3d019cfd40524b94a55f776544422a6e12f85324bca6586
d4ee88572845c637e29e806b544dd609880fe151bae28baba0a058e735597942
d690786187fce6782d9d8fd0cbf3bb49dd2859084aea2e4c4507df3637686ac0
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9d4840b715ac42b6ab57ced3a3de9c0ee17a4165fc05828827edf64030ddfc4
db785a42ba5dc5c49955dad604ff85ac4f25882a6d0a909619dc2334dace3ec1
dc4523d96f0aa486216b3c1b4624d1c7e319c7bf9ef68b52789549acdf355d3f
dcb60530afb017495b08f620320a6ae51d79d9dbcb593a06e59cfdb0c5cc24df
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5263b164623b519d01810c4010be59f5789e0d359add15fd21a8e3bf033541
df70df7f822bc99de633a11d1b719418484b25fbaa487ec0d511fdf68a5db404
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0cdeb84dad946db1074c0bda0786016205320f7b4fc742b51c38b381865797c
e2d28cd54b81a9001c16f540fc7509ce03e1d43c61aef963d581a986cf8396ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49cb8d4ed5be7117e80a0cbf962dd1b692493ce77f3cdb546f72757ca4004d3
e54f13c51bf2891d6e85abdfd68762d0b01064447d7aefd21b69f6896c1f92bf
e56708b89838e332f7b843688f27a4d28bcd0f4f1268fc71cea58a23fa675160
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e8decfdbca90823a9fc08c399cc7f568a993e77d31fe7e2ab87aa75276b5cfaa
eb1f96dd5a504afb0a607e64213438ff5239a03951ca063b2b2367c36f4b1989
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed06e8f62a4e88cfb2c286a6d068c158d4a69fa802074ed12c90ad8e786e03e9
ef0b114bd627ee7f7dc4da421d9c37ed3929f1b9d381b020fac7d442da090de9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f245bed8262fd952673d1e564d618932e432c28ae4ca4f8543bdab8ad28086fc
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f43973ee0ee121287cca23c16a48de9fce9a5701eaa6724be93d702654a9677f
f4d008c89af76e79e2ee744507b024d51366495d63891c26ab9fc6b8c4ad4efa
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53c2be11118712a77ab2b34d919824cb9578e1acc6340f156514fe3543e944a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f716e51a722e337c511181483abd9bc0d21b9b80a0ce1878949d691cf84fcbb2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9aa32f54935801cd898f3b9dddf31d089f79ee8c32dd065e9ef2da000b738b3
fdd929f4e7f24ceca1f21a2548a5b7ed985acf6a294ae92beab97c07558de1fa

stud.com.ua Open in urlscan Pro 5.45.72.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

375 Requests

89 %HTTPS

31 %IPv6

87 Domains

126 Subdomains

81 IPs

15 Countries

4576 kBTransfer

9594 kBSize

131 Cookies

4 Outgoing links

Page URL History

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stud.com.ua Open in urlscan Pro
5.45.72.163 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

89 %
HTTPS

31 %
IPv6

87
Domains

126
Subdomains

81
IPs

15
Countries

4576 kB
Transfer

9594 kB
Size

131
Cookies

375 HTTP transactions
10 data transactions