vsim.ua Open in urlscan Pro
2606:4700:3035::ac43:d201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vsim.ua/
Effective URL:
https://vsim.ua/
Submission: On September 25 via api (September 25th 2022, 8:37:16 am UTC) from GB — Scanned from GB

Summary HTTP 226 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 67 IPs in 11 countries across 57 domains to perform 226 HTTP transactions. The main IP is 2606:4700:3035::ac43:d201, located in United States and belongs to CLOUDFLARENET, US. The main domain is vsim.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time vsim.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	2606:4700:303... 2606:4700:3035::ac43:d201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
8	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
12	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a06:8640:454::2 2a06:8640:454::2	55081 (24SHELLS) (24SHELLS)
2	31.41.216.82 31.41.216.82	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
7	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
11	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.51.9.34 184.51.9.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	2600:1f18:659... 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4	14618 (AMAZON-AES) (AMAZON-AES)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2a05:d018:24:... 2a05:d018:24:b001:bd35:2c7d:1af2:e9a4	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.136.252 52.30.136.252	16509 (AMAZON-02) (AMAZON-02)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	34.111.131.239 34.111.131.239	15169 (GOOGLE) (GOOGLE)
1	185.86.138.143 185.86.138.143	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	34.247.1.169 34.247.1.169	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.212.110.18 52.212.110.18	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	52.30.33.235 52.30.33.235	16509 (AMAZON-02) (AMAZON-02)
1	162.55.233.29 162.55.233.29	24940 (HETZNER-AS) (HETZNER-AS)
2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	13.32.99.43 13.32.99.43	16509 (AMAZON-02) (AMAZON-02)
1 1	3.218.193.24 3.218.193.24	() ()
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	104.96.159.57 104.96.159.57	() ()
1 1	52.51.174.182 52.51.174.182	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.120.20.226 3.120.20.226	() ()
2 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.128.147 52.46.128.147	() ()
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:d29... 2a05:d018:d29:3605:e8e1:b74:225e:e4ed	16509 (AMAZON-02) (AMAZON-02)
1 1	54.205.25.10 54.205.25.10	() ()
1	2606:4700::68... 2606:4700::6812:d4c	() ()
226	67

63 2606:4700:3035::ac43:d201 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vsim.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

id.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.41.216.82 (Ukraine)

ASN42655 (BESTHOSTING-AS, UA)
PTR: dedic.dc.besthosting.ua

tracker_beam.20minut.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:bd35:2c7d:1af2:e9a4 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.136.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-252.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.131.239 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.1.169 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-1-169.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.110.18 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-110-18.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.33.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-43.fra60.r.cloudfront.net

engine.widespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.193.24 (None, ) 1 redirects

ASN- ()

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.159.57 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.174.182 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-174-182.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.20.226 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:e8e1:b74:225e:e4ed (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.25.10 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d4c (None, )

ASN- ()

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	vsim.ua 1 redirects vsim.ua	1 MB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	531 KB
17	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	193 KB
12	google.com accounts.google.com — Cisco Umbrella Rank: 77 ampcid.google.com — Cisco Umbrella Rank: 2077 region1.analytics.google.com — Cisco Umbrella Rank: 5636 adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	77 KB
11	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1707 mwzeom.zeotap.com — Cisco Umbrella Rank: 1669	4 KB
9	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 228 acdn.adnxs.com — Cisco Umbrella Rank: 611	40 KB
9	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5896 ghb.adtelligent.com — Cisco Umbrella Rank: 5717 sync.adtelligent.com — Cisco Umbrella Rank: 4320	150 KB
8	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 22967 id.gravitec.net — Cisco Umbrella Rank: 132346	58 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 479 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	6 KB
6	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 433 ads.pubmatic.com — Cisco Umbrella Rank: 462 image6.pubmatic.com — Cisco Umbrella Rank: 648	12 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	109 KB
4	amazon-adsystem.com 2 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232 s.amazon-adsystem.com	3 KB
4	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 564 pixel.rubiconproject.com — Cisco Umbrella Rank: 335 token.rubiconproject.com — Cisco Umbrella Rank: 667	11 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	15 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	199 KB
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 513 usermatch.krxd.net	941 B
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 436	768 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3335 adservice.google.co.uk — Cisco Umbrella Rank: 5376	1 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 797	28 KB
2	bidswitch.net 2 redirects x.bidswitch.net	2 KB
2	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 562	237 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 869 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 838	787 B
2	weborama.fr 2 redirects idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26264	682 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1343	749 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 615 cdn.indexww.com	2 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 748	144 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 5593	1 KB
2	20minut.ua tracker_beam.20minut.ua	135 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 42666 api.gravitec.media — Cisco Umbrella Rank: 33808	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	122 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	578 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 2111
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 47246	214 B
1	bluekai.com tags.bluekai.com	145 B
1	widespace.com engine.widespace.com — Cisco Umbrella Rank: 65527	209 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2134	359 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 448	527 B
1	smartadserver.com sync.smartadserver.com — Cisco Umbrella Rank: 1540	21 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578	596 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7099	324 B
1	fwmrm.net dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822	411 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	161 B
1	adform.net dmp.adform.net — Cisco Umbrella Rank: 5011	331 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9079	259 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 463	617 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6489	169 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	41 KB
0	leokross.com Failed leokross.com Failed
226	57

	Domain	Requested by
63	vsim.ua	1 redirects vsim.ua
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com vsim.ua
12	securepubads.g.doubleclick.net	vsim.ua securepubads.g.doubleclick.net www.googletagservices.com
10	mwzeom.zeotap.com	spl.zeotap.com
7	ib.adnxs.com	player.adtelligent.com spl.zeotap.com acdn.adnxs.com
7	cdn.gravitec.net	vsim.ua cdn.gravitec.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	tpc.googlesyndication.com vsim.ua securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.facebook.com	connect.facebook.net
4	ghb.adtelligent.com	player.adtelligent.com
4	player.adtelligent.com	vsim.ua player.adtelligent.com
4	connect.facebook.net	vsim.ua connect.facebook.net
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	pixel.tapad.com	2 redirects spl.zeotap.com
3	cm.g.doubleclick.net	2 redirects spl.zeotap.com
3	www.googletagservices.com	securepubads.g.doubleclick.net
3	accounts.google.com	vsim.ua accounts.google.com
3	unpkg.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	x.bidswitch.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects spl.zeotap.com
2	sync-tm.everesttech.net	spl.zeotap.com ssum-sec.casalemedia.com
2	beacon.krxd.net	spl.zeotap.com
2	bcp.crwdcntrl.net	2 redirects
2	idsync.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	image6.pubmatic.com	spl.zeotap.com ads.pubmatic.com
2	match.adsrvr.org	spl.zeotap.com ssum-sec.casalemedia.com
2	eus.rubiconproject.com	player.adtelligent.com eus.rubiconproject.com
2	ads.pubmatic.com	player.adtelligent.com
2	acdn.adnxs.com	player.adtelligent.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	static.xx.fbcdn.net	www.facebook.com
2	pbjs.e-planning.net	1 redirects
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	tracker_beam.20minut.ua	vsim.ua
2	www.googletagmanager.com	vsim.ua www.googletagmanager.com
2	www.google-analytics.com	vsim.ua www.google-analytics.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	sync.srv.stackadapt.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	pixel.rubiconproject.com	spl.zeotap.com
1	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	engine.widespace.com	spl.zeotap.com
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	sync.smartadserver.com	spl.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	dmp.adform.net	spl.zeotap.com
1	sync.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	js-sec.indexww.com	player.adtelligent.com
1	spl.zeotap.com	player.adtelligent.com
1	id5-sync.com	player.adtelligent.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.co.uk
1	region1.analytics.google.com	www.googletagmanager.com
1	api.gravitec.media	cdn.gravitec.media
1	cdn.gravitec.media	cdn.gravitec.net
1	ampcid.google.com	www.google-analytics.com
1	id.gravitec.net	cdn.gravitec.net
1	www.googleoptimize.com	vsim.ua
0	leokross.com Failed	vsim.ua
226	83

This site contains links to these domains. Also see Links.

Domain
vn.20minut.ua
zt.20minut.ua
te.20minut.ua
kazatin.com
invite.viber.com
t.me
www.facebook.com
news.google.com
www.instagram.com
www.youtube.com
www.besthosting.ua
ua.depositphotos.com
www.eeas.europa.eu
www.irf.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-04` - `2022-10-02`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
player.adtelligent.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
cdn.gravitec.media R3	`2022-09-22` - `2022-12-21`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.20minut.ua Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-10-18`	a year	crt.sh
api.gravitec.media R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
widespace.com Amazon	`2022-02-23` - `2023-03-24`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh

This page contains 22 frames:

Primary Page: https://vsim.ua/
Frame ID: D2B011614FA9663F2675EB1147FD1997
Requests: 108 HTTP requests in this frame

Frame: https://vsim.ua/site_login/iframe
Frame ID: C69DFE8B884364D92CCE1E70A38EBE29
Requests: 4 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Frame ID: 606FAB73A95999B732EB65FFC48553D4
Requests: 6 HTTP requests in this frame

Frame: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Frame ID: 8B6BA112A74D898BB62AE32609E3F856
Requests: 6 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 6EC9736FC5FE0674A5D8DCA511F9C0F6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a787927f11b2c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff38090e425b33e8%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250
Frame ID: 678778D1DD051ADF325FD512F7E5C63F
Requests: 3 HTTP requests in this frame

Frame: https://d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7447667AB251529CCA8BA0F51C827839
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE98C697AE8EFF9E9FD77A2F5FBB5DFA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2D9B6FF58D6C1FC3A22A9CFDB83B9C8
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 664A671733F63AE6EB3E56DD60C804C5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 47507B6F5F516F9E09E324A5C3A31B62
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta96qsaKiw9R9wntakoA5gAUzDSGjxaktnR9-zgQhqMD_8VL_TlAdGiLaFduOkNWDMgjcyD0k2f5iWCjiIi0BzMycrpSsdhSM0sgqvAHcvJgTp9WRe7iuo9OFwIUkThpH58WcuL_OyQz92EEm0ifyhVBayq-rI02VGe3aMv94upZRY-Ex30bQGYfYr2OYBo0lRxvXCXixIm7IzJrEn3Fcun47zkygbj18WpKPBdPZIcrYdg0HbkSfkbBMnCbLCKT47dXZqBZKwa-MbNjNNdaJBIIfcaneAqQDUreH9chsQbf3X5nZixhodmtJEcFI41g9B1Q&sai=AMfl-YTRcpCMlAZleTKpz6OS87cWNiRcU7bpkg2oxvk_glZ8PgzK6YtP2tQu6Ec9AKQCVfY6c792UY6rUJ8CCR9uybt3_tsrOMhngBjHDgCDperZiVD2v7JDnzy8h5FlUrA65HM&sig=Cg0ArKJSzBYj3aAIZYUlEAE&uach_m=[UACH]&adurl=
Frame ID: D32262AB6F8C1AA53EACB8A8871CA41F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdGHr9Z1IkmMsE94JGGeZqVLc1JenuwE8eemCeyT4RhPK9yRSyBzW-Q31fe1RFHuiFTlsYPIUBfzUAxufXVxvmdyRBG7o9mwEWS9Jhj7cgYL1mI5sbNEUZ06H9wAYkq3HCc6N1Jt4E2mEEKWc1k7jTBa5trIPvuhSxXvlxaQDNVmLtOMc-0D91AsJPElYpI55WQeyXO_9pBgYezunwIK936-VqKH6oYCOcZoY3ZINATReN9cuksfKnk_PYQVPKzd68A5ZCbJUb1cv7uPwJrmoG61Aj9Peugjuuj1BAQ20OaGnsqMfFqwbctQEX7iP1pkJiEA&sai=AMfl-YQBb8yhdgAjETTmMgVB3-Nq56KVeEBdb6yT11zkGrdO318vpv0ZYbxJ4lXRsWMGrRTpUVOqX50ryjDESLKM6zfl1f6iENMIA5SoHY8DKeuli4w3kZHfNg7WtjtfeeKg2K0&sig=Cg0ArKJSzAezuBucTLKBEAE&uach_m=[UACH]&adurl=
Frame ID: FFE865AB52FE0AFA101DBED97EAE6922
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5IbhMlRrufxz4RvQHy0cXfBSRwKYxpp4zNKTeUNkjDq4XrNHtDDMT10byuRFCeR-QytfS-RcqpZltjPzwsPogDOmJQHT1bhzNDVcFVNHx91DaWe4Yu7llqgbtPdvP8FvTkR01ewytxH-8Av9hAgDGEiTNuvk9urPa17kNES-j2yo-rc36l-1iY9chnDz9CFdvHz-pKqh49-YgPJm-lPYxenWkBI12kTo-6JpoXykJ3EtkMqBy7ywHdRubcBeyEu6HvTSHwhjo2YGErVEniEIWch9kyIA8rah5LRibrk-C2bekRzggvHHuqU3uWXgLXAV7mVI&sai=AMfl-YR_tyax-hOAWLdcwB7mR35f0mz7XEMvf9EB-63za120YaVXmwqQEyBFQAuQiCAQeyXaSJb_T2_335WXXoyavhPn3F9_XN061CUF33_NaH3oG9JOW2WkrivpYJ-YmPYIC_U&sig=Cg0ArKJSzP74CUnKvOrFEAE&uach_m=[UACH]&adurl=
Frame ID: A4A6E3D0B2777E69EE6192E894E48FF5
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ACCC4E4D36F3A1E9C603210D42F4EB44
Requests: 3 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: D3100D624C8CCC9F41909C02975A7DB0
Requests: 30 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C9B6DAD9564FC73C5FC3D9F65701598A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: A6611FA00CD7CDE9A9317B04C7EDB1A1
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A81B6847640BBD5185DE38AAA1D51467
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: A802E956E5A5A50F12BE1CD4001CAD38
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Frame ID: 4A3B17FA33DB8F53E4EABCA58521FA4D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 07C07D338AEEBF04BCD83AB27337C649
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Всім - Новини Хмельницького

Page URL History Show full URLs

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

226
Requests

91 %
HTTPS

42 %
IPv6

57
Domains

83
Subdomains

67
IPs

11
Countries

3263 kB
Transfer

8339 kB
Size

51
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://vn.20minut.ua/
Title: Вінниця

Search URL Search Domain Scan URL

URL: https://zt.20minut.ua/
Title: Житомир

Search URL Search Domain Scan URL

URL: https://te.20minut.ua/
Title: Тернопіль

Search URL Search Domain Scan URL

URL: https://kazatin.com/
Title: Козятин

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQAlCG5A7vvn5UlcXTVOPYYe8%2BNbbSdYNqt%2FAkWqrcA8b94WcKGEqaRwpKqWVh9M

Search URL Search Domain Scan URL

URL: https://t.me/vsimnews

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vsim.ua/

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMOzqjwswxLKjAw?hl=uk&gl=UA&ceid=UA%3Auk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vsim_ka/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B2%D0%B8%D0%B4%D0%B0%D0%BD%D0%BD%D1%8F%D0%92%D0%A1%D0%86%D0%9C

Search URL Search Domain Scan URL

URL: http://www.besthosting.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/

Search URL Search Domain Scan URL

URL: https://www.eeas.europa.eu/delegations/ukraine_en

Search URL Search Domain Scan URL

URL: https://www.irf.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vsim.ua/ HTTP 301
https://vsim.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://unpkg.com/imask HTTP 302
https://unpkg.com/imask@6.4.3 HTTP 302
https://unpkg.com/imask@6.4.3/dist/imask.js

Request Chain 108

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=d7db8ffe-4da1-4c01-b29f-0dd8525a78e3 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=d7db8ffe-4da1-4c01-b29f-0dd8525a78e3

Request Chain 174

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=U_ayTHxidEI0bHdsMExlMW0zOGl2ZjhKSGpQOC93N2dBNEoyaW5uMlYxd1lzK0dHSXkyZ3VwYlI0ZGVMWHI0R0JHL1l5ckJUQTVXd2lXVGlsNytSL3Vrc21qaVBuVVgzTGZYK0VSeXhWelFmak9DR09RSFBwd2pERXZSa3p4VElyTTBlK2hZWE81MHh4REJJRmJFZWNzdEV6RTlnVTdhaW9WUVBDWnFIcTY5Q1A3OVRocWFsNEFiaG1wUEF1ODhOTXVXVUdOelp3ZHdhYkxZNFFLdlNmWUV1WmdQMGk2Q0hvZmFtNlR5bElxRmtFQXVjPXw&cppv=2

Request Chain 183

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3cc50df4-4362-45d2-add4-d165cd81b791

Request Chain 186

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=4b01d2ad-a080-4595-bce9-a76b458b2df7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 192

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361&s_h=1 HTTP 302
https://mwzeom.zeotap.com/mw?cid=c3202e01-1cb6-4530-a4aa-41e387510801&zpartnerid=317&gdpr=1&gdpr_consent=

Request Chain 193

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=44557057200104597693809169099159366593&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 195

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7147233735604566167&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 197

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=43443022-9278-47df-74d0-02d0cd579cca&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=43443022-9278-47df-74d0-02d0cd579cca&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361&bounce=1&random=4107019640 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=PyDBUvgBuvQOTf7h1clF6O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 199

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=43443022-9278-47df-74d0-02d0cd579cca?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=43443022-9278-47df-74d0-02d0cd579cca?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 200

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-LRyyK0RE2oou1i7.pjUm2b8htklcFfIrJQ--~A&zpartnerid=570&env=mWeb

Request Chain 201

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2AlcFsEkph7qnnfRgCw2pGgYxLuQLaqa%2BS41iYitP1U%3D

Request Chain 207

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 208

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361&dcc=t

Request Chain 210

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 212

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24%7BCOOKIE_AGE%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Request Chain 215

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpZRz4huwHDkUQT9q1m1l8&google_cver=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzATNybOZelKALNEqf5GLgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItwbMtip2_0mJ3gaqggM9U&google_cver=1

Request Chain 222

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&dcc=t

Request Chain 227

https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EHss-O_fSudhSOk7gaR519mKxGk

226 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vsim.ua/
Redirect Chain

http://vsim.ua/
https://vsim.ua/

175 KB
37 KB

739ms
674ms

Document
text/html

2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f135076aa23aa534996a5eb60fcfb80fbc363d694443e1cc981a3f70716915d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 75026f955f75888f-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 08:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nK9EuW3QU5rtYWiw1yNCFy91C4ZHc4b82gbTCoA%2F%2FXErmdCY12t9mhHWa33JLHbeiJCwV4YEYL9gW7jJXAQ6bj%2BpjEehPn2CcRkOA%2BuBuVs09hpaNzPtkRaLkOhHCX3NFCnqRF56"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 75026f940fbcdd13-LHR
Connection: keep-alive
Content-Type: text/html
Date: Sun, 25 Sep 2022 08:37:05 GMT
Location: https://vsim.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho3HWAxqIEWSq6WzoPjj4ccWHCxxFMx0tGXSLK%2BHV3HV%2BXh22X6RQa9TqV3KLYhD4JqRoS70%2BTZkAsErqnMQ4f59Gr4HbTMrXfgy0uQkQwJptkYZ28Wq6FJTmU90oUrODEV1CAFl"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 3831ad9.css
vsim.ua/css/ 629 KB
98 KB 45ms
44ms Stylesheet
text/css 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146694
cf-polished: origSize=646179
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:44 GMT
server: cloudflare
etag: W/"632dcb84-9dc23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=queRTFcKG4JD%2BGopk%2F323L3zDtUPaFSDWVnPL%2FJ2i%2BtnFwHTdF3Y64O7HO9NdH%2FGbNxM3JW9ylYW16KMhuyK1nUHWXhRdJJqGsHjOrCe72N5aJCyqaR5lFmUkT6PNzvVfs%2FWLTwL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 75026f999fbe888f-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Logo_new_vsim_v8.png
vsim.ua/img/ 5 KB
5 KB 37ms
36ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/Logo_new_vsim_v8.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7253155
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4716
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-126c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBYJObo1Dtiu0d%2FDjEFMOdCZewoxR4Nj886leInozni%2BRCe6Klte6EZojC5V8UdviiqPTaY2XE%2FfW%2BYSSIxS4vFCYg1CPiTqY6NMJOgePfuptiGeDaWSG0pJbS1Y644WSTcozW99"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f999fc0888f-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 news_today.svg
vsim.ua/html/20min-page/web/img/icon-title/ 1 KB
1008 B 57ms
56ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/news_today.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 920
etag: W/"5e4d36b2-467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BmgxZvM5mTZ9AUuF0D%2BqQzRRHzm5mCWgxS74hHG39Pk%2FIoF87pA0xgipyfjNsOovzc3rn1nvaFA7zX8asrbJ3HF1qASKiccyzEnfFYsL3seAduQTwlP8eWeZ7u0nKAcWHUdMs7%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99afeb888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg
vsim.ua/img/cache/reference/panel_link/0026/31/ 4 KB
4 KB 57ms
57ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/panel_link/0026/31/8ffb14cb46cdb5fbc156e7ce18cb8c408f83e06e.jpeg?hash=2022-02-25-14-28-31
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Feb 2022 12:28:56 GMT
server: cloudflare
age: 5533
etag: "6218cb88-e27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUqNcYxD%2B5ixpuc3q3%2FWxJXsDq5mQEj0oqmCcyX1dvLRe2f3ycAWiKwGTFNNYJnKFt%2BdNyFU6aEx9Lyf6uv9TzeISv%2BkeTFLmPa3a33yACIwKCjnF1h9lOg26A7%2Fv0TBEhAQNhCN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f99afed888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3623

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
591 B 57ms
56ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 895508
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIN4wAw%2FOT0WcutpTNowYUBwYjllOCV1jmDtIAQ5SXKc%2Byyuj7ffJBMuiLfda2p6lmH1FXxTwyMlY5sgY5OQZupDCFQvTJ8ppMoPqG%2FQWVY9ATALpVqLG9SMFXZSmaSd43VbuabV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f99afee888f-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Often_comment.svg
vsim.ua/html/20min-page/web/img/icon-title/ 929 B
905 B 57ms
56ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/icon-title/Often_comment.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 5532
etag: W/"5e4d36b2-3a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvhvFA8e%2BX6nE%2BD1WLfYw4SE%2BZyIoHSRkXLC7Uxnh%2BisgV9bb5YktGWQQLLL3PCLSwPyI0YgH09FVGn6CaNPFZj5LmboWc1lf3fyY6VvsgJPs11pebxKFigGpj2StVSG315wJJf8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99afef888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
588 B 55ms
55ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN1ZzX2HT1JBFIW2Y5cGh9vMIT5krTAEuWFDe32Q1JbHviKoVYy5rV0EphhZ0tJzD7z7eUUEp4nZUrypt7JJj0o3g39rYwa60jIIk6tsgMRK1TqEHsnTJxAl8RHKVLgScxWmX5nh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f99bff1888f-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Newslater.svg
vsim.ua/bundles/twentyminutuamain/img/icon-title/ 766 B
850 B 55ms
55ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/icon-title/Newslater.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
age: 60006
etag: W/"5e4d36b1-2fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM%2F0T20AJfybn6MaVIFOSUDs76k3hGI42J4QWYZhUMmw%2F4%2BqMOn7uCacOUQmVT6qtAOFElgV%2F4ASY3lw11fYSwOqV%2BBX9XG%2Frq5Xea9Uh0m2zKahdgDLIvYzQNvazMiVsCxuvOC0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99bff3888f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 04757c045656223f79bdfdb8cb09896f9b1eaf03.png
vsim.ua/img/cache/reference/rubric_partner/0021/76/ 8 KB
8 KB 215ms
214ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/reference/rubric_partner/0021/76/04757c045656223f79bdfdb8cb09896f9b1eaf03.png?hash=2021-01-22-11-59-23
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 16:26:41 GMT
server: cloudflare
etag: "620a82c1-200e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seqi%2BmnF92yacQbcTdioxhWKnsEsQmrZXzl1E99bIea0nLAns%2BrNfYOfjBy2ikyinyUvnVy2kkQb2VuH0O%2F5Cw9EOoT2YuutUzsjIAZhHeRgaTBTW1icgzicbhxozLcYInTgfysA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f99dea9dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8206

GET
H3 200 iframe Show response
vsim.ua/site_login/ Frame C69D 7 KB
2 KB 280ms
279ms Document
text/html 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/iframe
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4d484cac1487df99878a181ea821368c54632906c57427535f9f4e842125a6

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 75026f99eeb5dd80-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 08:37:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIvPAl6rb9gFlcSKZzwGWDXVwggHctS7SrC3iebu%2BLeE8kmXv%2Bkh6FUrzl5b6pdFk%2BYa%2BriB%2BRtfQiInrK1cXzTMiTe3m%2BgY4AK2OXiDHVVqIJPLZagzO2c%2FCgOPWRYDo8zYTKpu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: BYPASS
x-dev: Desktop
x-stat: 1

GET
H3 200 EU_hor.png
vsim.ua/html/20min-page/web/img/ 77 KB
77 KB 68ms
67ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/EU_hor.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2169625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78494
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-1329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FS%2F6MOZH4Lc18US9m7%2Bzg1Mva%2Fj4GsQxBO3KmMdb28u6OyhQmsoXIekSUGxYBb%2FwYCzIXkOcYpJHlC8e3%2BtfTXwTuMewFcOQ4Q7gpQdj5KLeLvfNREGc%2F8jM4xDdCLgI97keKWO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f99eeafdd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
vsim.ua/html/20min-page/web/img/ 13 KB
14 KB 37ms
36ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/Vidrod%C5%BEennia-Logos-Horizontal-16-01.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13734
last-modified: Wed, 27 Apr 2022 07:07:05 GMT
server: cloudflare
etag: "6268eb99-35a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQoYTy%2BSrx%2B6QiUbRGzj0syv1KmDfABl0eT3cE5d0rbutfpxynhnG%2BChTPCX4xQFkhDpb2y07zp5Y3V33VkP2yx1PSFK%2FkA%2BvWJ509ARsNoVglo7XnpIQ1wE2iU4SRfIklcNysMj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f99eeb2dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ANRVU_logo.jpg
vsim.ua/html/20min-page/web/img/ 63 KB
64 KB 131ms
130ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/ANRVU_logo.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2175016
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64782
last-modified: Wed, 13 Jul 2022 08:36:37 GMT
server: cloudflare
etag: "62ce8415-fd0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfs%2B8iluwJ1Ygc%2BtyrE9GbEB1DAiNZbEYnLC%2Bc8p92kZW4mHr7dVraCT4Hlh1X5vcsJBu1mCJZ5Xd5K1iBguYnA7vtCN3zUTLMjbBgo%2BADQWt1Wj4H82yNH0f6jc8gUT37eKZ0zZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f99eeb4dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Push_notifacation.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 140ms
140ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Push_notifacation.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-75a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yy78b5hafjTSEliLivHgBUl2SX%2B%2BtYEqfy4vleIVlRdwducqjUNEGyB444dkS%2Fc%2BkyoagZXmZ%2FoHc8xMab0okHkJa0b%2FESlnanl4iRsbJqvssFLODT6m5UzrKR8CiQH%2FQ46Lld0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eebedd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Instagram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 141ms
139ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Instagram.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-884"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTgWjCJSg%2FEbL4CT2rfYB4s2xCdihNRluSWUznzCiF2U%2BVpyPootVQtbiB1qHTAed5g8vD7A%2FcFKRZqENZixcDGlybw7KtlsGLzzrJmdKFlI5%2BCPqLUX1ovwsljxWL60wZFDnVFB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec1dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Email.svg
vsim.ua/html/20min-page/web/img/sub_image/ 3 KB
2 KB 141ms
140ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Email.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xgDywPzGVU0LCiTKhmmq8H%2BgMtBsenWLRfIL0qRMvcoEDLCwtHCx4VEA8ytUQfPFnPmB7ejxHd2NavlHUvnYcsgbgy2tVumMUSv%2FREqnCfuDQwTZJxlNEkFU392aT6MDpOmwapq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Telegram.svg
vsim.ua/html/20min-page/web/img/sub_image/ 2 KB
1 KB 141ms
140ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Telegram.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-7c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWigx3cL8Fe16o46ZoQRNSPnM%2FFOpleOtSKC50wwxQ6OO6A8XGcYkp%2BzkjX4cRn7hvvvvcFdIFfILidOq3BI47mcuZ7n2f4dKWc5899Y%2Fh36DD5XyWsvfcZeuT4vU4c37Pgam3xC"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec3dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Viber.svg
vsim.ua/html/20min-page/web/img/sub_image/ 4 KB
2 KB 141ms
141ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/Viber.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-1132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPueuk7gFVQEQ%2FJ%2FNfcAoHw3Tcy4xdzO4N4Lx%2F5kcqDxVXcM2Ad2PDqPtxfOITcs%2FBaC7ZoVjLEW%2FWSJb5%2FHWlbcAGvAGdq1sAKlFHTd5bNIIl2KgrqrMeC6U7D0lMv0hhT4Q9W6"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec4dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 GN.svg
vsim.ua/html/20min-page/web/img/sub_image/ 5 KB
3 KB 142ms
141ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/sub_image/GN.svg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
age: 6020
etag: W/"5e4d36b2-145a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVLBhcSiZOiO%2BP0kz3p5R6Fv2eIW1Sb6sIwFFL8RpZcu7TT0g1esGe%2BWmnCRHNH%2BiECC6AILLPagSkkarrY0tICHlBaWTp%2Fy6H3zTxeKoa4Z%2F0wVcAKPV9CaNyEa4rnTQvRV5iRi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec5dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 142ms
142ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FCaSoX5b2T2nj%2BR8ozyvBL4UhR2zv9rYD9QBFHQbxYLaMVXK5mAfw%2FSysWLzurxgCnmJELtzJBO4gJapfuIS9o49%2Fe62pgJMSjLUXRCZZUhajkoBHJEfTHSGOiCY9Ce3hJMqy0A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eec6dd80-LHR
vary: Accept-Encoding
expires: Tue, 27 Sep 2022 08:37:06 GMT

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 140ms
140ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-302c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsu0vR3sBWV1gthMHKXGqjeb7DFTpq%2BxDCA5fu1J%2FK8PZvINAkUgh0z9m54Gg5uC%2FVK%2FLW3bPnuMKIvxisGQw3AZT8g2Uguoo9oQLvHJDaPhDKv8TZKPM4duW7RUxnIX2mLpZwZO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f99eecadd80-LHR
vary: Accept-Encoding
expires: Tue, 27 Sep 2022 08:37:06 GMT

GET
H3 200 viber-f.svg
vsim.ua/bundles/twentyminutuamain/img/ 3 KB
2 KB 226ms
225ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/viber-f.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-bff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZq4fo2rCvQS6rP2tS6Yg%2BB9OZqm9sVFCmq6TSe6jUaOexDYAN4ASEc3cVBwvhxs6NVXIFMHHZh0392BHIYpZTHXKyx%2FRueQTpVe2l8b4snhoGbE7EtP9j3dL6bZLdBeYRKGdD8j"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f9a3f3add80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 g_n_icon.svg
vsim.ua/bundles/twentyminutuamain/img/ 1 KB
1 KB 250ms
250ms Image
image/svg+xml 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/g_n_icon.svg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: W/"5e4d36b1-478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrH67Gj5xeQ6UAdK%2FYioYgnzzpJMboeOfQnANvkaTMR0dZxuoDxUwYyzaflGgsWM9MePOdI5hmGI%2Fwuf%2F8dsv%2BjB0zuGFa45LvpCeGGk72sKjRB7NlYQKZV4JZ3KYlbIvzSEUvRc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f9a3f3ddd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 telegram-f.png
vsim.ua/bundles/twentyminutuamain/img/ 548 B
1 KB 259ms
258ms Image
image/png 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/telegram-f.png
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyLtTQ3aWE86TUydOos8zEK7Q28idXaQ1VmtBDoY%2ByvJP9U7dfEHxU6gKOUBdKx4gAlePAh7Bqah4cwCx38tPutn3cUlu5i6z%2B2eol3%2Fry63fuCEipYWUb%2BgR%2BDPY%2B672wsebfd3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9a3f3fdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 70 KB
71 KB 97ms
97ms Font
font/woff2 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084199
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-118d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuV9ZCLr8pjQb8oGZXtK1wqdj5hUZTe9GTbUqYgPknkyAHKZ25iHn8Xqb7sQS1fRF0GJ%2Fv%2FXu09uGIMP5bYV69Me53KOfA%2Bc1SzSDLhjcJYDHVSkrpt33oEu59NeAHp1JOfGwrzj"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f9a3f49dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MaterialIcons-Regular.woff2
vsim.ua/bundles/twentyminutuamain/fonts/ 43 KB
44 KB 108ms
108ms Font
font/woff2 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuamain/fonts/MaterialIcons-Regular.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084199
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44300
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-ad0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK1ri1ZIdrixY7ShEmjKHZCOZcO3V85iie6J38bu4rDClK1KnW%2BYhCfy1%2FVU8c%2FHvoWISwmpNwTlZ%2FZjMYBxMLwQSuLIkIPawTLto%2BNBgG%2Bc14XleBjZ9vDxMUK8bWTA2jQIWQcQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f9a4f51dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET aGeq.js
leokross.com/vAW/ 0
0

GET
H3 200 0728b5d.js Show response
vsim.ua/js/ 879 KB
246 KB 59ms
59ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/0728b5d.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148403
cf-polished: origSize=900210
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:35 GMT
server: cloudflare
etag: W/"632dcb7b-dbc72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e%2FfI4x6YIYguwOZ2ur1tWnm5cXSi%2Bs5Bk0Pfv36tgUjojxmE5v5QvQqCm6eFxh%2BU%2Bm4V2MajvCbJnGsDcDNuM0tjR6uTMisrTAGu5GFDLUIHio%2Bt9nuNIEaGu3S8f2hZEjTj5ZW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75026f9b18cfdd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

imask.js Show response
unpkg.com/imask@6.4.3/dist/
Redirect Chain

https://unpkg.com/imask
https://unpkg.com/imask@6.4.3
https://unpkg.com/imask@6.4.3/dist/imask.js

135 KB
28 KB

43ms
43ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/imask@6.4.3/dist/imask.js

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 485036
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"21ac7-KqSYXxY+9Y5mzCD11c6bKZsRmN0"
fly-request-id: 01GDBE3T5KXHH1J5S32QW759N7-lhr
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75026f9c0ee5dd81-LHR

Redirect headers

date: Sun, 25 Sep 2022 08:37:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GDBE3T2ZK5XJTY8KC0ZXMHEH-lhr
server: cloudflare
age: 485037
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /imask@6.4.3/dist/imask.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 75026f9bce99dd81-LHR
access-control-allow-origin: *

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 172ms
57ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6242fa366e970762eb4d706dc116e9c1ba361781c527a4c0efcec694624c83ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IJK6c5Ctz45IOlbIqQVCww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 0B9VlNH41JrRij6tTUloFw6g5v5y1F4NkA3EIYW2M+FhIGaqWMtam0P/pYwtIbfQa1+rHS05w7x33wIT+6e6uw==
x-fb-trip-id: 720026100
x-fb-content-md5: 57d8fd9dcdabceaa81f2dc235252f02b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:37:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "acc13c9409a9d81e25f3a6807e01e110"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 25 Sep 2022 08:43:51 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 186 KB
74 KB 173ms
70ms Script
application/javascript 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4ed244f14205a6a842b6079ca5fdd2ee68c836ea76d92ef9bde52ffcfdc305f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hJe9otYoSWZR-UYxg_nt-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-hJe9otYoSWZR-UYxg_nt-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 25 Sep 2022 08:37:06 GMT

GET
H3 200 ed8d0db.js Show response
vsim.ua/js/ 95 KB
34 KB 47ms
46ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148403
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:06:47 GMT
server: cloudflare
etag: W/"632dcb87-17b3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sMM2u8yIwjpDHu1552BiUibZrMXWmffPrVSSNKs9kYn1ZDG5EssUayApj%2BWlnbb51SK1ph9NB6msDhCMyKYoAmz9dJljIDRbFf1vrnzs1eBDdwNN7ruwAPArUJ2auswz9IZLXel"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75026f9b18d4dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/ 64 KB
18 KB 122ms
58ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 11:41:55 GMT
server: nginx
etag: W/"6321be03-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 14 Sep 2022 11:46:21 GMT
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 139ms
49ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NWSHLFG

Requested by

Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d69bfe8ee79f9288bafffdd55e8d5260907e85cdbff714928b4e1d8daa6a2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41510
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:37:06 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 606F 38 KB
14 KB 36ms
36ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3282ed9387a9f8eefde74c704cad9627d505be40b2b2e71c7517e00f4e5e46ef

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsiQaYmaiYGTQjEre94M9KtyfJTXnKgK%2Fe479dDPCncS%2FjWLLoggkUhBXmvJEB6Er8I5zWrYTN8DtSSWBODkEOiktAtdz5gx8Q8RIQI%2FkztIlLzwVTTBof1DFwrxEACLtzpwvYon"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9b18d7dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 606F 18 KB
7 KB 44ms
44ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514e6a53831907b552aa2654592ded59a3a07523e688c6c214020236566d88fa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrqvzmZgcRcAXCv%2FB%2Fndj2BjZu3TtZr%2Br3WFKdIRKnBQMup1byZjfVfEFW%2Bc7knOqYLmOphEgxrDCOFSh5Vrj0JQUHqGoLVIpYImgbHus70Uj6tYkA0xBHVo9qxgw4mL8y9eCRxT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9b593cdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fc40332.css
vsim.ua/css/ Frame C69D 177 KB
31 KB 40ms
39ms Stylesheet
text/css 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/css/fc40332.css?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/site_login/iframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148953
cf-polished: origSize=181636
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:05:01 GMT
server: cloudflare
etag: W/"632dcb1d-2c584"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcSbLNB6%2BnwQpPneshkbKKMUncMSueo6wgL8gGi%2B5ZkzsRMzFX4Zq8O1Vq8JSOT%2FWW67UWFW7Ghfu8hdHoBJtYhThJuA1ntc5RJBsOCbBrDWt8egvQaFKUGrWILZu77J94MxXBP3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 75026f9ba99bdd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame C69D 12 KB
4 KB 32ms
31ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/site_login/iframe

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
server: cloudflare
etag: W/"632b45da-302c"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZD971llRt%2FEQz5a7V2amTgbUARX3UOpeFTVjUQeZFZrM%2F%2Fqj2Dj1e1JA55lG01tj8XtdfiC%2BjWBxFso5d6THAedm%2BFMvSuX1QQy8QnQbo%2BRhIfdzLQfQKmX%2FWGU5WuFujIrfOlU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 75026f9ba99cdd80-LHR
vary: Accept-Encoding
expires: Tue, 27 Sep 2022 08:37:06 GMT

GET
H3 200 dba7e9c.js Show response
vsim.ua/js/ Frame C69D 246 KB
73 KB 50ms
49ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/js/dba7e9c.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/site_login/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148951
cf-polished: origSize=251457
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 15:05:08 GMT
server: cloudflare
etag: W/"632dcb24-3d641"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zY2XybnPXsvo%2FwtFtLJuEepDIItCRuSJIeCX6BbF99axYOV%2BpwGKmqfMIhrBCS3UkI%2BTjLFgAKG2zRskXgE2J75U5TmkfhTLw3%2FatOfl9a94FNQOTbXfqKuFJ3Ig2VqY5EZnxsB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75026f9c0a65dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8B6B 43 KB
15 KB 48ms
47ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8e0c0cb289c706c0fc0d1f444e5440650c68f89b3bac77b031013cd9376d0f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnkJcoC2HBImiVJgAopw7NdnyPv6%2FBBoM8nKjtcrfUAj2yC8yOSMQ5iUl6Ka5W76466%2BWAKBBru1O%2Fn9uVPEqMFUI%2F5jZvurW1Ny%2FlR0mb1GIuY%2FyNr%2FoPL75vrV8qDrKbqhpzBa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9c0a69dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462248/ 365 KB
112 KB 169ms
67ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4794ee8f55c96958afc723aeb58936bf215622bd8f2c61ea8a3f842737ae2224

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 10:42:47 GMT
server: nginx
etag: W/"632d8da7-5b271"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 27 Sep 2022 08:37:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 254ms
125ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da80d5d67e564e0aae877774fdfc2f5c921f2f1704be1267513ca165728130aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27831
x-xss-protection: 0
server: sffe
etag: "1344 / 954 of 1000 / last-modified: 1663970755"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Sep 2022 08:37:06 GMT

GET
H2 200 wrapper_hb_306660_6693.js Show response
player.adtelligent.com/prebidlink/462248/ 2 KB
1 KB 218ms
116ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/462248/wrapper_hb_306660_6693.js
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b3d15910ea85878148af2fc4043f938a1237e7ea33a5daa6e78e877b0f2f0fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 16:47:32 GMT
server: nginx
etag: W/"632de324-6e3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 27 Sep 2022 08:37:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 5 KB
1 KB 106ms
49ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=d9345397765ace7e36f5036f718db82e
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
x-correlation-id: d5996a6525a1406b8bb422fab9848b3e
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4868
date: Sun, 25 Sep 2022 07:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 25 Sep 2022 09:15:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
50 KB 145ms
56ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3fe9fc2373b0e671dce8c4c814b41c9fbc25afde91400595d0514027bd26619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50251
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Sep 2022 08:37:06 GMT

GET
H3 200 remplib.js Show response
vsim.ua/bundles/twentyminutuapaywall/js/ 93 KB
32 KB 46ms
45ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148402
cf-polished: origSize=197222
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Sep 2021 08:36:22 GMT
server: cloudflare
etag: W/"613b1906-30266"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0MsAgSZ71RVbcgJ3UW1DmpcaUUr%2Ffmu91zJRLX2CJO6ZCgaszyu%2BqktbXVpNXQHiJWmhtGtCuDcmW4%2BuPuv7OWu93dhcDxgBwwZWVOhg5tahZD1e5DRJr4r7%2FNVu4vk5kC0OGwH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 75026f9c6af2dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
26 KB 105ms
51ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-xss-protection: 0
pragma: public
x-fb-debug: 39cYSLgP+Jokgwb9m+KChBUURKVwthqNDTZ47ts5MwFX3AO3iYR/jb7vKHp/2XmG4ybuFWvUj9yafdTMfaAf2Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:37:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 75026f955f75888f Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 606F 2 B
642 B 66ms
66ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/75026f955f75888f
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF3fWRT78e0VyIa9kd6h%2BT2qvqQslIn%2FK5s9ld%2FCJvvniCYi3qmZApfd3q0S1M%2BVCOhQVX8i9KvZoBDm9KX55stSqv08AOmaRcwCVjxETc4Zt5eq9v7VvUpQ5AIZoq5GikezUuDq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75026f9dccafdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 606F 38 KB
14 KB 37ms
37ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bb89fcee3206612e53b94fccbbe6b7acf8d5ddef60943f2757d401b4d336289

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbbSX0OKHUQlI%2BPDrUXKwZUnV1Z3%2BzPJu%2BtLpQpcvooKK%2F6SpYF4ExxCtnosjOkTx3Vfb9r8vISZmt9aT7GksywKw60zRR%2FQboLKxVt3E29YSsLRN%2BKsR4rZWwn%2BBepsEke6a2tM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9dccc4dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
793 B 36ms
36ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084201
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjqHY4Ys30Q6FrQSjcekwc%2FXokFZ%2BJSJwPqaDb%2BcFajHDrd%2Fj1u%2F6sOKHaHaZ77KZDnXgDl4g8ax9fyPtB%2Bya7vmnDGaborjtZEgawEpU51u4WXNH77roceXp0dYh8OuKpemr0g0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f9dfcf7dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg-img--small.jpg
vsim.ua/bundles/twentyminutuamain/img/ 5 KB
6 KB 44ms
43ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/bundles/twentyminutuamain/img/bg-img--small.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/css/3831ad9.css?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/css/3831ad9.css?eed6a3e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 225945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5504
last-modified: Wed, 19 Feb 2020 13:22:57 GMT
server: cloudflare
etag: "5e4d36b1-1580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y13z%2BV5mdFuwBroGJgRzSk8LNL5%2FrTF2P3l%2BAEQpExx76iDrMoY5yXeeVwHz8rvhQfBeCxKi56nHB7VuyLNZuSQR2XPZg5yM%2BOoKci3OCjMKUnxCghrIiOb%2BSYKDl821LH3%2FqcwN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f9e5dafdd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
794 B 47ms
46ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg?eed6a3e0
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 148403
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgjYBoH3eO7hMloMthJCmMzbncVnIa6PrMT7VB%2B3YEndu%2F8jqdTgSlnjtTYApapLvi5Q%2FMAdPX8zHuTvb8sWclYEge8NvHLE8Sfrh%2B83r2T%2BFQRWRpAjTH%2BitybOYLrmRunHUVuo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026f9e6dd8dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 check Show response
vsim.ua/site_login/login/ 20 B
470 B 101ms
101ms XHR
application/json 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/site_login/login/check
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9

Request headers

Accept: */*
Referer: https://vsim.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-dev: Desktop
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JdWB68mCeAJYwHvCgRdlgYqwRIYgxiMG0ojrtd49hRHjxmRgdA0qfFQf3fNM9%2BBnCk3VAUfOEunzSnhsdl%2BSjauqn78kKlp5eeHOXSzwUGfcOjfNJvi03Gk6lX1W0ah7Ze2W7pC"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
x-cache: BYPASS
cf-ray: 75026f9f0ee2dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-stat: 1

GET
H3 200 invisible.js Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8B6B 36 KB
14 KB 45ms
45ms Script
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ff86cac8a1151ce5aa4f85eb9481dc5bf7d16ed2df9b20c4b50aeecd7ef119

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dJ8%2BbsxYr1p13aZyKPk4VAkMOI0jWADNlw2Z0r8YHzIVHISKxTEmyky1iUy9%2BRsNnfzsE%2FzA1XPJgwTO%2Fal3hg463reTSghrZ5uZQzZhmlncQn%2FH4d%2BZneTl%2F4PdtvtCTQeky7Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9f4f49dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2292510e9245b0b646a3cac53f4f279eb3338a82.webp
vsim.ua/img/cache/news_rtp_large/news/0029/03/ 43 KB
44 KB 39ms
38ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/03/2292510e9245b0b646a3cac53f4f279eb3338a82.webp?hash=2022-09-24-12-27-43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a47331ddd26cd46d60cb09d45fd9c4a272d2bea45d15e91be47605f24ac4b23c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: HIT
last-modified: Sat, 24 Sep 2022 10:14:35 GMT
server: cloudflare
age: 664
etag: "632ed88b-adec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOrPHCkCst9pRwV6fZHTJg8pocl4663QK%2FmcQAN%2FHIYFBvjkBNEMV1%2B83jzvQ3BwIizcTSUQpYkvTHSslUkv2vHyXhGzd8o%2FxI14MM%2FoGAwjkhVlGyan5Qa10og7BOCAoiwpe17G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f62dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44524

GET
H3 200 fded61fe52238d62608f95a7d2253448ef47403d.webp
vsim.ua/img/cache/news_rtp_large/news/0029/04/ 37 KB
38 KB 275ms
273ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/04/fded61fe52238d62608f95a7d2253448ef47403d.webp?hash=2022-09-25-09-51-51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a519fd9ae7df4e17ceaea044096fe29df10b7158f41dc5e20b57e617372f318b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 06:55:27 GMT
server: cloudflare
etag: "632ffb5f-9596"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzcE8aYh3jKE1GYpwhJZ0QCH7fapqtvWJpsCzqS1uWDqhwM8sVSvcis3MGz0%2Bx031yZUco2FKjlFJRXBxdL8G4xgiZQ31ntOnHwmatbdd1FIIOXxMPpzMHjO3kKr8rzcAhgcjPdx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f6cdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38294

GET
H3 200 2791334-fotokonkurs-tse-moe-misto-nadsilayte-svitlini-ta-otrimayte-podarunki.jpeg
vsim.ua/img/cache/competition_photos_rtp_small/competition_photos/0028/92/ 67 KB
67 KB 303ms
301ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/competition_photos_rtp_small/competition_photos/0028/92/2791334-fotokonkurs-tse-moe-misto-nadsilayte-svitlini-ta-otrimayte-podarunki.jpeg?hash=2022-09-13-16-16-17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e39e41d9862cec7b5777e7a1ea5310856b3451f5569155f25c6ebeea372b4353

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 13:16:17 GMT
server: cloudflare
etag: "632082a1-10a3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=So7YUQ2VipmtTms6w8wGmHMv9on%2FjM%2FukHO2FCk%2Fcez0LMuAqH6KfJSIeFO5oseEM1RWMzVsU7r0bScVcfXymwp7DEe1Nk3K00VQTEIVKX8%2FVdtLZJmw0GSMkwq3fhdgcyt%2B9oFq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f6ddd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68156

GET
H3 200 4a84a97403142f20122572eebb7018265fcea9ee.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 26 KB
27 KB 291ms
289ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/4a84a97403142f20122572eebb7018265fcea9ee.webp?hash=2022-09-25-10-57-47
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf6990d122f4438735a3b53c7a639fd3b4fbac42d4a5077e41beb6f27f4f47c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 08:15:52 GMT
server: cloudflare
etag: "63300e38-68b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFNYsvVpmU%2BstOml57bS3iBe7bHbhfRZwk8%2B2zJDFJVvNMHhLxBzc4zfJ%2B4e2TwPvwHv8VItDXkmke7G%2FFPfyj0BlkHN4j3Iuk654Dp%2FahUI7UxUJdsMfK%2BbVyRY%2FrP6vu%2BINhCe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f6fdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26808

GET
H3 200 5f6a2871d1b502ba044da5a9027e263bea035f4d.webp
vsim.ua/img/cache/news_rtp_small/news/0029/03/ 27 KB
28 KB 272ms
270ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/03/5f6a2871d1b502ba044da5a9027e263bea035f4d.webp?hash=2022-09-24-16-57-39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5bb2f9ff71b743a5bcfe7da0868b078b92ec1fd5125777bc5bd8eadea52d87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 08:06:49 GMT
server: cloudflare
etag: "63300c19-6da4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bz%2F%2B5O22gJ1lyRmPD8nMvFDC56UMBo6Elj1o%2BdKAf3yZ9Dw4NtJeSg4L2BQnzXByCsyTwLgf3BqzU26eZkPyqeoHScD%2FJyuduVsG4VcoHboJYyX0un9NBkTKHgOBSHkkueAFUacX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f70dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28068

GET
H3 200 be542357882b46f67f628ddb7e474009c97e3f18.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 29 KB
29 KB 259ms
257ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/be542357882b46f67f628ddb7e474009c97e3f18.webp?hash=2022-09-24-18-55-50
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47aba0fbc165e39d0f97097142fc943c05de5c566a596cd454e5978ed8f1e51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 08:06:50 GMT
server: cloudflare
etag: "63300c1a-73fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfbVOFFKfvmo3B1YM6%2B999sYowfQvvZPGiPNrUsshIXsfKXf%2FozXzyWE%2F7gZfmSo4vizXOILl85D5kgMlBga6MJ%2BUleKC44mei5Flv1q3bKqMjewbM7t1Dbkk3EuPfZYSvF1AB66"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f71dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29694

GET
H3 200 6b1c8b847c3925d58a5bec6a7914b19dd87e299c.webp
vsim.ua/img/cache/news_rtp_small/news/0029/03/ 31 KB
32 KB 284ms
282ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/03/6b1c8b847c3925d58a5bec6a7914b19dd87e299c.webp?hash=2022-09-24-17-19-57
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2e3d328bbdd313442dbefd32d519b6f086117c8d04d01c6fb58f9743e96112

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sun, 25 Sep 2022 06:55:28 GMT
server: cloudflare
etag: "632ffb60-7c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnzpJZpAGmSP2ukwTkLxIpCtqOoH7KJzo8A8anOQ74WlnrYlOLTUmbWruXLBD0jQ0KbBT2PSWZWm3PBauwDY6tHwgaPEKJVI5JCW422kkSyznANY7GV%2Bs4FndYpMGiGj0ZTYAcnj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f72dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31882

GET
H3 200 893fe3f61906b406d235e1944a0b4ab555206516.webp
vsim.ua/img/cache/news_rtp_small/news/0029/03/ 14 KB
14 KB 269ms
267ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/03/893fe3f61906b406d235e1944a0b4ab555206516.webp?hash=2022-09-24-17-55-28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812488d5f91106f21a34962cb6a4fc3c54ca9ecb68e888c60b04036014052387

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 15:23:14 GMT
server: cloudflare
etag: "632f20e2-3786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t%2B5s1d5wrMD5P4rWEXVk2NTzbKAJmKcTTxFQqOpnIu7fGI5fk0F8L1m2CPFro%2FBfAt2nALO4JkKrqQnjbm4Yevr3vhWLVwkNNtQaWV6%2BJRhAQ%2Bm5OMZcAIpUlr%2BdJBaYA6xO7hb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f74dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14214

GET
H3 200 0ab0c43e2c53d679c53a63e5e1f7c0bae2dfbe35.webp
vsim.ua/img/cache/news_rtp_small/news/0029/04/ 29 KB
29 KB 287ms
286ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/04/0ab0c43e2c53d679c53a63e5e1f7c0bae2dfbe35.webp?hash=2022-09-24-19-49-29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c0dc7a4b417c19ceca84024a95040c8f9157960405ffd09494f458bfb0eba43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 16:53:06 GMT
server: cloudflare
etag: "632f35f2-72ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3xr3yIn86I2Kcx7uqUH4XGieiLeMxPLwgf9DYY9NpktDS1Z3RDf05z9jmr9gCvWZVJYrQ9AB9r6sAb9h95pZP0P1znBqi0TZrKVvgIhMRt7eLzf7YJehqCtKQtHy1v%2BjbZVkbIN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f75dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29386

GET
H3 200 2d8c24e929a919e330a2f4fc96e3decafa478e87.webp
vsim.ua/img/cache/news_rtp_small/news/0029/02/ 23 KB
23 KB 298ms
297ms Image
image/webp 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_small/news/0029/02/2d8c24e929a919e330a2f4fc96e3decafa478e87.webp?hash=2022-09-23-12-43-01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ff6207bce1f7c4f45398e9266beeba966f3837dc0b41abc36feeb1dd43cc680

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 10:14:40 GMT
server: cloudflare
etag: "632ed890-5aea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OOJVgbrdvMYiy2WOJnroI84JnIvpsb677n8U0qMzi2EWnDxHa2or9qcMzRoemrNSKCJhjIT%2F5jtxzdtIblmCEgc3veiymlQRuszp0m3nQSJ%2FHN3K%2Fjm%2Be7j0RaTGIJjsPFIhPQi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f76dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23274

GET
H3 200 2802013-dyakuemo-za-takogo-sina-hmelnichani-proschalis-z-22-richnim-oleksandrom-borbutskim.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/03/ 13 KB
14 KB 300ms
298ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/03/2802013-dyakuemo-za-takogo-sina-hmelnichani-proschalis-z-22-richnim-oleksandrom-borbutskim.jpeg?hash=2022-09-23-15-33-09
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8a02b1b1759a6eb16615705ca8f1e754ec98f4e73c3d2d9b5e7d9027522d21

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 12:33:52 GMT
server: cloudflare
etag: "632da7b0-34a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKMxmcFATtmofbPrPeMn1iYD8AF%2BUdIfy5tRpsnpuyaNMPUeCFsRnbYJ%2Bj99cr9U750%2BkC6CeyrkKRCC5lDxGjtb43rNNuqPdJkza2E7uUIo3UHc7ucBHloIy2Un9LlSFyiMv%2FZT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f77dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13477

GET
H3 200 2801787-hmelnichchina-v-zhalobi-zaginuv-voyin-daniyil-bratanich.jpeg
vsim.ua/img/cache/news_rtp_large/news/0029/02/ 16 KB
16 KB 297ms
296ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/img/cache/news_rtp_large/news/0029/02/2801787-hmelnichchina-v-zhalobi-zaginuv-voyin-daniyil-bratanich.jpeg?hash=2022-09-23-13-22-22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43232c97233f24fc246e2f80fe271132aaed1bb5094e9fcb0cd7193159f098cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 16:59:46 GMT
server: cloudflare
etag: "632de602-3e7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR2TTZpxTR83aLD%2B8BNAHHTMY3XHoFNGoTt730QXENRyaAOJzleDe4S0uTM%2BH8ifxpA0YHmKUxKT3pW9EcbQ7szgpcclZB4zzI9s5qcXTnE%2BoheEwN7gId8la%2FIaeiF%2BfBX8bI0U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 75026f9f6f78dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15997

GET
H3 200 style
accounts.google.com/gsi/ 533 B
328 B 140ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OyRaxbzMe4WdOt6pEdpBXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-OyRaxbzMe4WdOt6pEdpBXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 25 Sep 2022 08:37:07 GMT

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 177ms
96ms XHR
application/json 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=218226485810-uqk03eati6qp5glmb6e91f2u24152enh.apps.googleusercontent.com&as=d3eNelQKvBD3qhF%2BETS4Rw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6db72c237bfc53e75b1428c680c24017fc569f5794837e9288fd8d740363a15a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jbMeU0MPQsGFrcsfUljxWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-jbMeU0MPQsGFrcsfUljxWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 319 KB
87 KB 133ms
64ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=3ef5eb50269c89eea1199d9008c77079

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b742e2f0bbfdf4c4b4be399be1ccc596cc8d4f45d7a5f506fd949daa2707abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2ykP3W9OAiw+5l1fupEyvQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88955
x-fb-rlafr: 0
x-fb-debug: WPUatHRSZkt1FvyAJ58tu8LOlfJzrm/ZmCgM911l0yq+9EELDJjRj7KY32/3vaptoVxhxUbyaS5sJ0fEutXZtA==
x-fb-content-md5: 500398f7ddb80beb3719663051595d07
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:37:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "abb98f6eca5f9cbf47864528691e42ad"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Sep 2023 07:39:55 GMT

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8B6B 19 KB
7 KB 48ms
47ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dec9a71e91eb40afddb6eb31357f7b4d5701523a2b3bff0bb992e808ad467f8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjkrvT90HK6%2BnZr5ek5MAzyAo7X4U%2BI62Or0QjLN0GBq8gZ0uLlGkS%2F9n6rNmWow631e%2F3b6M%2B9wry40W1kex42a1x%2BGci5rehhcYnw2oh6z6g6gmWrob9rWvPgvPeJxWGt87sty"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026f9f9fabdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
id.gravitec.net/ Frame 6EC9 621 B
700 B 165ms
40ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://id.gravitec.net/
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=315360000 public
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 25 Sep 2022 08:37:07 GMT
etag: W/"5e9485b6-26d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 13 Apr 2020 15:31:02 GMT
pragma: public
server: CDN77-Turbo
x-77-cache: HIT
x-77-nzt: Abk73BB/gbf/bEF3Ag
x-77-nzt-ray: FAT+fKY4nuY
x-77-pop: frankfurtDE
x-accel-expires: @1938085063
x-age: 41369964
x-cache: HIT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
455 B 140ms
50ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 506134916849111 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 505ms
505ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/506134916849111?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

623271e8c873fe29ec241ba7a856787aa39b9c91c7f166ebb2aa98e8a13c1446

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: g0tmvrV3NA5yj3pNINW1levWiG5fKMN+A1/2XOe7Iyn3zF1pbY6GksJXcFEz9kzGIw6XGUqOWCnFSCaQY5hbpw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 25 Sep 2022 08:37:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hbw_master_306660_6693.js Show response
player.adtelligent.com/prebidlink/x462248/ 182 KB
33 KB 37ms
37ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/x462248/hbw_master_306660_6693.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/wrapper_hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d35d07a1d35e8378e2caa15ad04eaf3c29b2b2136437a983b06e52119fccbcf3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 16:47:32 GMT
server: nginx
etag: W/"632de324-2d833"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 27 Sep 2022 08:37:07 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 163ms
54ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 12:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Sep 2023 12:02:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 104 B
115 B 189ms
79ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Sun, 25 Sep 2022 08:37:07 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 97ms
29ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 24 Dec 2022 08:37:07 GMT
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
73 KB 142ms
57ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TST74WS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72ce43cf7134f917bc3e69217aa4a76ebf2a258d6e3ec9816cccaa280d845f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74508
x-xss-protection: 0
expires: Sun, 25 Sep 2022 08:37:07 GMT

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 606F 19 KB
7 KB 40ms
40ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed4c1680bc0bd84a88fa8ce7cd799b8941a8a28eb1de778b5254bf39d091a75e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BHFFjYa7A%2Fdd3LOjmPT9L2QfUUY0gYrMV05BAGe0o9rqsbxFmP7RxFPaiGLBDt5DvpyBAS5nHXifiHRZtYmV4XHOWxG%2Bithvfk67o%2BplY242aGESSrmUGJFtBEgC2spAQDJxQNf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026fa0086cdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 152 B
415 B 457ms
118ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462248/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 08:37:07 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 152

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
424 B 456ms
117ms XHR
image/gif 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=306660&site_id=6693&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fvsim.ua%2F&adid=h37oqo.4b&features=81952&vpbv=N087&lifecycle_tte=1980
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462248/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 08:37:07 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H3 200 pica.js
vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8B6B 27 KB
9 KB 40ms
40ms Other
application/javascript 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07acae444a1054e7fa0031c294432332f630b3351b73b9010b3de594bc30e571

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lerMWVRxpkTm1wxnwA44qpDuP%2FudszLmPIRrNHrN336L1DEUgQxJz8vq2xIvO5rSLU707YKU13PCJOCKF9tgYes4KrLPsaBAH3Q3k07rGF1NsEx1pxTP0VMLne%2FHrglnMT1nPtUA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 75026fa02882dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 202 pageview Show response
tracker_beam.20minut.ua/track/ 0
135 B 85ms
85ms XHR
text/plain 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Requested by: Host: vsim.ua
URL: https://vsim.ua/bundles/twentyminutuapaywall/js/remplib.js?eed6a3e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://vsim.ua
date: Sun, 25 Sep 2022 08:37:07 GMT
access-control-allow-credentials: false
server: nginx/1.16.1
content-length: 0
access-control-max-age: 3600

OPTIONS
H2 200 pageview
tracker_beam.20minut.ua/track/ Frame 0
0 272ms
85ms Preflight 31.41.216.82
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker_beam.20minut.ua/track/pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.41.216.82 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: dedic.dc.besthosting.ua
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://vsim.ua
access-control-max-age: 3600
content-length: 0
date: Sun, 25 Sep 2022 08:37:07 GMT
server: nginx/1.16.1

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 124ms
38ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=d9345397765ace7e36f5036f718db82e&user_id=74fb284b-2e22-439c-af9b-cc34ef4657dc&utmb=a81264a4-6458-4b34-81fd-fec36c9c96e9&path=https%3A%2F%2Fvsim.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:07 GMT
x-correlation-id: afa102cd458ccd0c14f89be39afa9fd4
x-content-type-options: nosniff
server: nginx
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 132ms
48ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=2034099657&t=pageview&_s=1&dl=https%3A%2F%2Fvsim.ua%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAQCAC~&jid=529432100&gjid=1997630242&cid=1695379211.1664095027&tid=UA-43975937-2&_gid=2029171849.1664095027&_r=1&_slc=1&cd1=NotAuthorizedUser&z=111601681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 75026f99eeb5dd80 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8B6B 2 B
648 B 50ms
49ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/75026f99eeb5dd80
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmDMt07kTwTkT4i1rY8ZUCjA5au0LUM1j9RV9SsemWIswyGnLohBhzNTrM7nwALCNe4VfMq95jXHgxCMDz%2B%2FfS%2F%2BxZc3Ago%2Br4wO9B9CnKn6gjvCoeDfGVvMg0e%2FauYC9hwlRIDf"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75026fa25b62dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 75026f955f75888f Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 606F 2 B
643 B 46ms
46ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/75026f955f75888f
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 08:37:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEvHsAR2pcwXzzR%2FHJyhsPrPCWtO90xb780hF5TWKa4CHLS%2BE3OumkpZz5Xw89tkFCbrbq1qDPf%2FdxzDER5h6%2BbSbWAR1Ku34FEKbyymuxJztd%2B%2F0Ne2O3wfR3EOOT2dNgIEmSjX"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75026fa3edbbdd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 75026f99eeb5dd80 Show response
vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8B6B 2 B
643 B 55ms
55ms XHR
text/plain 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/cv/result/75026f99eeb5dd80
Requested by: Host: vsim.ua
URL: https://vsim.ua/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664092800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzAaOKeDH2TqVCOc49o05ZFvSlSUeTWuYeDE5sIQFvP1Jpt6j15LoMfeTmcMrtHHTHkcEQgDxH9GWxe1rUxLaYfY%2BJ%2Fj6M%2BHDSNHEzBpV16WnwjEoKk7%2Bhq%2FDZ63eaCz%2BxgizDT5"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 75026fa4ff45dd80-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
433 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-43975937-2&cid=1695379211.1664095027&jid=529432100&gjid=1997630242&_gid=2029171849.1664095027&_u=YEBAAEAAAAQCAC~&z=318565109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 25 Sep 2022 08:37:08 GMT
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg_img.jpg
vsim.ua/html/20min-page/web/img/ 285 B
789 B 37ms
37ms Image
image/jpeg 2606:4700:3035::ac43:d201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vsim.ua/html/20min-page/web/img/bg_img.jpg
Requested by: Host: vsim.ua
URL: https://vsim.ua/js/ed8d0db.js?eed6a3e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:d201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 285
last-modified: Wed, 19 Feb 2020 13:22:58 GMT
server: cloudflare
etag: "5e4d36b2-11d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79exyxsoDi0K5vaXJpsBCPWklqDyU8BIQQyBSYakLf5G2lF8vae0Gr%2BN3x1VKrxMs2m14KQ99UmuBpgJVZEOJ5YcdfnDExG%2BnYvAfOjyImTlJ7y9vExrrWy2JTlXY50tA3fMp1w8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 75026fa4ff49dd80-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 183ms
60ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=178301089580185&ev=fb_page_view&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1664095028038&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 25 Sep 2022 08:37:08 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
341 B 114ms
41ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0CS1NTGGLB&gtm=2oe9l0&_p=2034099657&_gaz=1&cid=1695379211.1664095027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664095028&sct=1&seg=0&dl=https%3A%2F%2Fvsim.ua%2F&dt=%D0%92%D1%81%D1%96%D0%BC%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A5%D0%BC%D0%B5%D0%BB%D1%8C%D0%BD%D0%B8%D1%86%D1%8C%D0%BA%D0%BE%D0%B3%D0%BE&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 35ms
35ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0CS1NTGGLB&cid=1695379211.1664095027&gtm=2oe9l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0CS1NTGGLB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 170ms
81ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0CS1NTGGLB&cid=1695379211.1664095027&gtm=2oe9l0&aip=1&z=1566029342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/306633/ 2 KB
1 KB 175ms
106ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/306633/config.json?cb=https%3A%2F%2Fvsim.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9cd862ac8acb668c11f7d2f4aa7b7ae892aa8af0b64a59a17a89c7a2d5358253

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 12:01:12 GMT
server: nginx
etag: W/"632da008-8ed"
content-type: application/json
access-control-allow-origin: https://vsim.ua
expires: Tue, 27 Sep 2022 08:37:08 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 login_button.php Show response
www.facebook.com/v12.0/plugins/ Frame 6787 31 KB
14 KB 336ms
285ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a787927f11b2c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff38090e425b33e8%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=3ef5eb50269c89eea1199d9008c77079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90d7a5754121570b0b1507615f7ab998ffaee55cc09c8bc51d2fd7c1b302cea5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-origin
date: Sun, 25 Sep 2022 08:37:08 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: Z1Xhr6hA++rn+Z5+OHqNP9atu9qjnblGdmqP0mc92Z+s5bfjFKKn714wpwwDZKMgkwOqk5osbZVDS6qDyqvH0A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 205ms
75ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 654ms
654ms XHR
text/plain 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1275083275348837&correlator=2501194170918870&eid=44761478%2C31067825%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=45035109%2Cvsim_main_(300x250)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x400&ifi=1&adks=978356717&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664095028130&lmt=1664095028&dlt=1664095026156&idt=1914&adxs=1092&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1695379211.1664095027&ga_sid=1664095028&ga_hid=2034099657&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a8d480b7d73186d7b9c6ffe5dde1ad7f2d272b07f7703a6a6961cbb773afbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12190
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 145ms
56ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91fd054ab51af4adc6c2d0e7d45176e5ad26a8523231cc3dc9328f1352ac46b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11119
x-xss-protection: 0

GET
H2 200 container.html Show response
d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7447 6 KB
4 KB 182ms
49ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:37:08 GMT
expires: Mon, 25 Sep 2023 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 57ms
57ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=506134916849111&ev=PageView&dl=https%3A%2F%2Fvsim.ua%2F&rl=&if=false&ts=1664095028166&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664095028165.1039484575&it=1664095027141&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 25 Sep 2022 08:37:08 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
169 B 122ms
44ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Sun, 25 Sep 2022 08:37:08 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
54 B 204ms
65ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Sun, 25 Sep 2022 08:37:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 178ms
43ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Sun, 25 Sep 2022 08:37:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/vsim.ua/ROS?rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%...
https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=ht...

551 B
961 B

37ms
37ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=d7db8ffe-4da1-4c01-b29f-0dd8525a78e3
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://vsim.ua
expires: Sun, 25 Sep 2022 08:37:08 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 551
x-sid: AMS-929

Redirect headers

date: Sun, 25 Sep 2022 08:37:08 GMT
server: openresty
access-control-allow-origin: https://vsim.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/vsim.ua/ROS?ct=1&r=pbjs&rnd=0.545904147662506&e=1200x250_0%3A1200x250%2C1200x400%2B1200x250_1%3A1200x250%2C1200x400%2B1200x250_2%3A1200x250%2C1200x400&ur=https%3A%2F%2Fvsim.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFF&crs=UTF-8&fr=https%3A%2F%2Fvsim.ua%2F&gdpr=0&e_pubcid=d7db8ffe-4da1-4c01-b29f-0dd8525a78e3
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-929

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 823 B
580 B 119ms
118ms XHR
application/json 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 97142ca9b7470b40a00c7e09fbbdc838c1dc9dbefdaa2c2f57701e3f6ae9493f

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 25 Sep 2022 08:37:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://vsim.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 278

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 373 B
1 KB 247ms
141ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d2c94adf35f70c7486977c43a4750bf1efd8f71e42f978035387154dd88e29f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:08 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c917f1b2-0916-460e-8c39-c255dfdacf69
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 373
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
558 B 184ms
77ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2233f4936b1e9c5cc%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fvsim.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.1-c%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223436792e1483a1d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news8(1200x250)%23div-gpt-ad-1632837984961-0%22%7D%7D%2C%7B%22id%22%3A%22350defe39e0b8fd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news9(1200x250)%23div-gpt-ad-1632838225160-0%22%7D%7D%2C%7B%22id%22%3A%2236f3562b9181f7a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%221200x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F45035109%2F20minut_news10(1200x250)%23div-gpt-ad-1632838267602-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d7db8ffe-4da1-4c01-b29f-0dd8525a78e3%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131c0609dbbb803f60117b2b7cb6f228f31ad973802cb5f94eab9d1034a3d7d6

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9vCgZrtYyYI1MN7zSYPb%2BSA7m8G50SCulN1i9AF9P%2FJOoAaLpTBXCnjqJ8U2bhNRLQRJ11Fhejc%2BBXcp6efKmSxuOkbAcpfGxl9mt6IwuXFeUoMx1VLgMcorDpGn0d4qKDodSeG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://vsim.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75026fa70c4a067e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 378 B
1 KB 322ms
220ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9d5a2fe4d562fcec6d3b3ebe2e064b26135b8fa72fd94c5f3623daedad726e72

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:08 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ba5295ff-a2a1-494b-886b-4f9064224400
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://vsim.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 378
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 31ms
30ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 35ms
35ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/d9345397765ace7e36f5036f718db82e/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 38ms
38ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:28 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 35ms
34ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://vsim.ua/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 362437226.jpeg
cdn.gravitec.net/images/users/1651162056492056576/ 4 KB
4 KB 29ms
29ms Image
image/jpeg 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1651162056492056576/362437226.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 25 Sep 2022 08:37:08 GMT
last-modified: Wed, 05 Feb 2020 13:46:42 GMT
server: nginx
etag: "5e3ac742-e67"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 3687
x-proxy-cache: HIT

GET
H2 200 ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 6787 323 B
763 B 169ms
52ms Image
image/png 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/login_button.php?app_id=178301089580185&auto_logout_link=false&button_type=continue_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a787927f11b2c%26domain%3Dvsim.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvsim.ua%252Ff38090e425b33e8%26relation%3Dparent.parent&container_width=0&layout=rounded&locale=uk_UA&login_text=&sdk=joey&size=medium&use_continue_as=true&width=250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
x-content-type-options: nosniff
content-md5: mEtfkiuN8zERyZQcBN9jeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 323
x-fb-rlafr: 0
x-fb-debug: 8jzcJ82qWtYN5H2XZhxG9zUEf6b4A8cHNnJblOfU0MFtVQ0jFGQ/1uOW/j7hJQEpp4GSDxSxTIDN7BmGGw+Hxw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 20 Sep 2023 03:04:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE98 13 KB
5 KB 126ms
40ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 3073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 07:45:55 GMT
expires: Mon, 25 Sep 2023 07:45:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E2D9 783 B
1 KB 139ms
51ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb05b8e74876aef31c029d7a03cb845ddc794ad81e6d56a90a334ab24dff9e6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2PP85j93lzrAEf8RfI2lcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2PP85j93lzrAEf8RfI2lcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:37:08 GMT
expires: Sun, 25 Sep 2022 08:37:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 QO3gsQVBcmE.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixCr4/yu/l/uk_UA/ Frame 6787 570 KB
143 KB 162ms
53ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixCr4/yu/l/uk_UA/QO3gsQVBcmE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38bc6dd0b99d8f3192c498597062251b8ba7d580d600bb05833112438664a26c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5j82TgN0nPnYlcJ27I1xUA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 146272
x-fb-rlafr: 0
x-fb-debug: H6ACcmpcdXimnzTdraIT6YyXe//J+sJ1YTTYoSXJ3wxblJuTK58p+SKgt0pvTojjO38HF8aCW5kGRIEqbRzp/Q==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 23 Sep 2023 18:54:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 131ms
50ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vsim.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
24 KB 255ms
255ms XHR
text/plain 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1275083275348837&correlator=2885038821185592&eid=44761478%2C31067825%2C31068919&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=45035109%2C20minut_news8(1200x250)%2C20minut_news9(1200x250)%2C20minut_news10(1200x250)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1200x250%7C1200x400%2C1200x250%7C1200x400%2C1200x250%7C1200x400&ifi=2&adks=2483578089%2C4059114074%2C1842437250&sfv=1-0-38&fsapi=false&prev_scp=city_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Ccity_20minut%3Dkhmelnytskyi%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664095028545&lmt=1664095028&dlt=1664095026156&idt=1914&adxs=204%2C204%2C204&adys=2021%2C6207%2C7857&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fvsim.ua%2F&frm=20&vis=1&psz=1192x250%7C1192x250%7C1192x250&msz=1200x250%7C1200x250%7C1200x250&fws=4%2C4%2C4&ohw=1192%2C1192%2C1192&ga_vid=1695379211.1664095027&ga_sid=1664095028&ga_hid=2034099657&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b65bbedb0b9d7907fc3590c21968cfd265b8f2aba5c5c83c951d0dd1cb8c0cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24633
x-xss-protection: 0
google-lineitem-id: 6109867904,6109084549,6075292307
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404062025,138404064980,138399229928
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame FE98 36 KB
16 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 182284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 05:59:04 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 664A 0
18 B 105ms
51ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vsim.ua
Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vsim.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 08:37:08 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E2D9 0
0 128ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=1275083275348837&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 4750 220 KB
61 KB 166ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b9e6b1d3ca7cc68d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4750 14 KB
5 KB 236ms
110ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dcaf3864e0ab6b08"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4750 94 KB
28 KB 242ms
116ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95b4b320f7966d1a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4750 5 KB
2 KB 256ms
131ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5561dff7c028bd87"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 4750 40 KB
13 KB 257ms
132ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 487692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
date: Mon, 19 Sep 2022 17:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00747b471d2f1a24"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 17:08:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4750 6 KB
1 KB 215ms
76ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 25 Sep 2022 06:58:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 25 Sep 2022 08:37:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4750 3 KB
3 KB 46ms
40ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 09:36:15 GMT
x-content-type-options: nosniff
server: cafe
age: 82853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Sun, 25 Sep 2022 09:36:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4750 344 B
368 B 46ms
40ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 09:36:15 GMT
x-content-type-options: nosniff
server: cafe
age: 82853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 25 Sep 2022 09:36:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4750 0
0 138ms
50ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtS_T3eEn8hRy88DA_lXBvB89J06P2zHA4h_um_Q1EnYtUC78PIKyHl4mgcSy-JMbWjfkfn0uXYa37_btilDuDZYKEHw
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4750 0
0 103ms
98ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMEMMNBMwY_DfDJangQeEm73QAvfpsZds8snP8vkP8ti6vdMBEAEgtb3JIWC7hoCA0AqgAYHCjKMCyAEJqQJM986DoDeyPuACAKgDAcgDCqoEmwJP0BpDmDXXwzNs7d0pSbYuYpB88QQ_8_MotWXnbMbADJ-bEnayy9dLyJHrQmLwoMWVWziZ0_Wp9dMQuIr2vGg_G_gxL8JaQWJDwX7PCOvXfq5Afga58gAxTymvkTYMckEOf_gb6o1pLNdylB83cmduUAIOdTBnGZqsa_nPpSVweLHLrb-j72LI4of7Y4xMkAN5fOs6sv0p1U3dmqTswC0j-oa6kWtCAhReQz0-DdhLbi0IWnu5DBoc5-Des_ERs9hPAfMjYII2Pd5EiE1fX2XWk1dx2isF5aW2mjHd_i7Odrgafg95Jz8JXImUWVh-CxTkIw6yC6PPOpohiwfSC01RXbZ8p1tF7aPtJtugvEgTzhE5LtIUSEHZvcA_wAT29KHNxgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH573z3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCb0gXSCBIIiOGAEBABGB0yA6qCAToCgECACgHICwG4E-QD2BMN0BUBgBcBshceChwIABIUcHViLTkxNjExMDk1NjYwOTQ2MTQY1f4T&sigh=w6oSrlY6baw&uach_m=[UACH]&template_id=484
Requested by: Host: vsim.ua
URL: https://vsim.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10199569559438235356/ Frame 4750 26 KB
26 KB 43ms
43ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10199569559438235356/2076313506083323656

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

712827436e68e6ea4ae103e7f89dfcd76e7bb06a0a745867dda4b2a6e23c3a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 07:05:41 GMT
x-content-type-options: nosniff
age: 178287
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26343
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 15:42:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 07:05:41 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5350333710594517136/ Frame 4750 2 KB
2 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5350333710594517136/downsize_200k_v1?w=100&h=100

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae3caf75651a8caa33d9cb0e78fb20bcfde4f753c83a2905ef5c067ba56c36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 21:07:07 GMT
x-content-type-options: nosniff
age: 214201
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1859
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 15:40:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Sep 2023 21:07:07 GMT

GET
DATA 200
OK truncated
/ Frame 4750 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea74fd140fcbe09467d5b5774f7ca77509a76009d2bb7aebb99f4a1af5f7038b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4750 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89d06ae06a1924e4d37d997747574ca1a13a4e10027b5ea299e727588e5f78a8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D322 0
0 88ms
88ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta96qsaKiw9R9wntakoA5gAUzDSGjxaktnR9-zgQhqMD_8VL_TlAdGiLaFduOkNWDMgjcyD0k2f5iWCjiIi0BzMycrpSsdhSM0sgqvAHcvJgTp9WRe7iuo9OFwIUkThpH58WcuL_OyQz92EEm0ifyhVBayq-rI02VGe3aMv94upZRY-Ex30bQGYfYr2OYBo0lRxvXCXixIm7IzJrEn3Fcun47zkygbj18WpKPBdPZIcrYdg0HbkSfkbBMnCbLCKT47dXZqBZKwa-MbNjNNdaJBIIfcaneAqQDUreH9chsQbf3X5nZixhodmtJEcFI41g9B1Q&sai=AMfl-YTRcpCMlAZleTKpz6OS87cWNiRcU7bpkg2oxvk_glZ8PgzK6YtP2tQu6Ec9AKQCVfY6c792UY6rUJ8CCR9uybt3_tsrOMhngBjHDgCDperZiVD2v7JDnzy8h5FlUrA65HM&sig=Cg0ArKJSzBYj3aAIZYUlEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame D322 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:29:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame D322 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:28:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D322 0
0 94ms
49ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEpzTbwTuDVt6lWXUSAbkwK75ySScPgnIbx5kUlCJL_W_gkEC0FWrBuV8Ci3yITlXtCbvOfROpWlzqpmZrePwF0UgzwA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D322 140 KB
44 KB 153ms
64ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 7505058470188652144
tpc.googlesyndication.com/simgad/ Frame D322 58 KB
58 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7505058470188652144

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b97e46a5cd5da941d8fd49a3da94a844b704cdb6186bc9dfa34cb2e1900cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 09:52:20 GMT
x-content-type-options: nosniff
age: 513888
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59457
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 08:34:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 09:52:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFE8 0
0 89ms
89ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdGHr9Z1IkmMsE94JGGeZqVLc1JenuwE8eemCeyT4RhPK9yRSyBzW-Q31fe1RFHuiFTlsYPIUBfzUAxufXVxvmdyRBG7o9mwEWS9Jhj7cgYL1mI5sbNEUZ06H9wAYkq3HCc6N1Jt4E2mEEKWc1k7jTBa5trIPvuhSxXvlxaQDNVmLtOMc-0D91AsJPElYpI55WQeyXO_9pBgYezunwIK936-VqKH6oYCOcZoY3ZINATReN9cuksfKnk_PYQVPKzd68A5ZCbJUb1cv7uPwJrmoG61Aj9Peugjuuj1BAQ20OaGnsqMfFqwbctQEX7iP1pkJiEA&sai=AMfl-YQBb8yhdgAjETTmMgVB3-Nq56KVeEBdb6yT11zkGrdO318vpv0ZYbxJ4lXRsWMGrRTpUVOqX50ryjDESLKM6zfl1f6iENMIA5SoHY8DKeuli4w3kZHfNg7WtjtfeeKg2K0&sig=Cg0ArKJSzAezuBucTLKBEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame FFE8 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:29:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame FFE8 3 KB
1 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:28:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFE8 0
0 83ms
48ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWN2_sX95WWa8-UAyMASa-cWCrcO8BiOlpQ3XeESXvArXIMyFubcoey6JzSkcyjzPqa6I4VlBZE_zT6SExFbBufWArog
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFE8 140 KB
44 KB 199ms
119ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 3727030250312727360
tpc.googlesyndication.com/simgad/ Frame FFE8 144 KB
145 KB 61ms
60ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3727030250312727360

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b7dae5b6b79db79b1f08c73aa1da73491c195fdfeda4287121443d712c58f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 14:10:02 GMT
x-content-type-options: nosniff
age: 152826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147938
x-xss-protection: 0
last-modified: Mon, 30 May 2022 09:06:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 14:10:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4A6 0
0 88ms
88ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5IbhMlRrufxz4RvQHy0cXfBSRwKYxpp4zNKTeUNkjDq4XrNHtDDMT10byuRFCeR-QytfS-RcqpZltjPzwsPogDOmJQHT1bhzNDVcFVNHx91DaWe4Yu7llqgbtPdvP8FvTkR01ewytxH-8Av9hAgDGEiTNuvk9urPa17kNES-j2yo-rc36l-1iY9chnDz9CFdvHz-pKqh49-YgPJm-lPYxenWkBI12kTo-6JpoXykJ3EtkMqBy7ywHdRubcBeyEu6HvTSHwhjo2YGErVEniEIWch9kyIA8rah5LRibrk-C2bekRzggvHHuqU3uWXgLXAV7mVI&sai=AMfl-YR_tyax-hOAWLdcwB7mR35f0mz7XEMvf9EB-63za120YaVXmwqQEyBFQAuQiCAQeyXaSJb_T2_335WXXoyavhPn3F9_XN061CUF33_NaH3oG9JOW2WkrivpYJ-YmPYIC_U&sig=Cg0ArKJSzP74CUnKvOrFEAE&uach_m=[UACH]&adurl=

Requested by

Host: vsim.ua
URL: https://vsim.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/ Frame A4A6 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:29:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame A4A6 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 08:28:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A4A6 0
0 75ms
51ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1M7rJ_JfbAQXMf206PP-P928o4AudmBt4surALOt4my8Qhj_TsU8XxO2eJgnAZbP497RTEZ6qsxeNVBCWXr6r40JCjA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4A6 140 KB
44 KB 198ms
128ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 25 Sep 2022 08:37:08 GMT

GET
H3 200 8705847518909385374
tpc.googlesyndication.com/simgad/ Frame A4A6 223 KB
223 KB 63ms
62ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8705847518909385374

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ba68d0f0fa78d9e5837e49cb8a30671143afa6d57cd2d40c2f0a85c9cc28b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:06:58 GMT
x-content-type-options: nosniff
age: 315010
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228712
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 12:27:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Sep 2023 17:06:58 GMT

GET
DATA 200
OK truncated
/ Frame D322 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4a862e4357489e3a52fd1c554ed21344001b35704217a2fd119fd44361e628f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FFE8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50bea0a3f680879b29116467868628308e121412804e9928a1da61d540d1c4bb

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A4A6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363f22dc397d2b8b6898610e9aad941e9a95e0a9a525e6d31191a7f89f282349

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE98 0
11 B 42ms
42ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gxS_mA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4750 15 KB
16 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 489137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4750 15 KB
15 KB 137ms
51ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vsim.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 489444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 16:39:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D322 0
0 90ms
89ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdzPd6ZiSOxNskAq0fq4yGuagn-3EM5GPj7ZCTNghCwqTGy81BN3WGvJMzbmpn8TlAj4LU_yHC5Mw2MroAK4LokFv_dLwG_nYTITcb9pCiHIsJDxN56UWgJw4e_B5koPyyBI70imlY0HksM2YrWJAqIEUFS9-g3Ew_byX6gzSPNNbFx-TFufT-5lERvF0pHdQ4aEjFzEEvyuKdad6CUhxWA2BbD_rhVJp49osWxropSHMbA1bG26e93eS3UyCCiLO3gP2tuucsDBe3VuF_u4yTq0tp-jneyjR9nwnJX3zajeio87nArFt7hUs9FkulXZEXchfC&sai=AMfl-YTS28ZGb_KxdUaCmkwm7tUfPmb4LcVoURVWvTch7Yb9JbaB2nYj1W4wXw-0wolkVX26RrXTPj6169hTM99XvkAslC7s2_msmVi7ZP7PeODqFDevFi5SdXWiRhPqc5FPHEU&sig=Cg0ArKJSzFfhwbWINHvmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FFE8 0
0 90ms
90ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVkeptzpdSgeQcdMuJEsx2JiWO3SirFd8Y7fyVWshi1d4hdrj77hOw7mb2Kx0Cvlo71ZHvCYkvqCt7GZZowyOI6ixYpDLo5nQx9IbUUuaBm14Ju1C0KXM0MQnp8VZYjsfHmiwk2dUDELsLfnCciO20HKjCrqa7lEgl3KvzwJJra19PdRrdzeEg_cSqaTGvVPYyrumh4npciNSlPnfjKblhpTs7XguTrufwMo3RlTOGbaW_BCTTq1UE4DOMhC2dbXyE9WLr1xJY2-rGxSTIz6eSul443UnkPUoc6eR03RrZJaXNqQXOvcrt0Y_Om4GehCpvbvrF&sai=AMfl-YTOmYwLzyhT2Iylxg2XtFymTzP_fUXTxDJG7JLY9an3ndK_T6AqCl6YAeXr--vUmuYPar2qS6nptqTLbU8fO0I636H5q2b7HOvTUy3p9uV4MqrZuuk8Ay9WsIO8fccYHdI&sig=Cg0ArKJSzHSfbbTlMtaDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A4A6 0
0 88ms
87ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssifBDvJW2TaO0CtYLG-__3dq_PJgnV0N0zICDTWX_ciALVJlW89fBjRgYv41W2UKVODoL6BBeHpKW62-sE4rlfjbUkL0YXqA5tjAXEjz6ZBEkfwfbHRCtHXO-M5bhXYX71SXgL3p2imjdaNlPdqNxf-HPddEnl7ezxt9C3xdCk1kHhy0JVZ2hKefuOlTFT_4quUH0UXjfRxjFF4Y6XMkezxEmlxGbzuZYQmS84PRUvkplhixTPMhxJXcFNLVmldLjLzU3mNy0_jzSGjPL59pkMYbayGzV6mCu1V_a3Cd-IeP0j0NIa8XtuqWuenA8IlCMxl7hR_w&sai=AMfl-YS0ms8dnvR0c3RpISSvTyrt7KaerOcCxRvMRV6ek3SQ8jwYH_l7PTtnL3NYPUMgZXPAiRkpU68ktSVj2DOlNN_Fx1USD-Dt2mrW2HIzh02KBxNEq8wKgmpDWCxCEMUoZPc&sig=Cg0ArKJSzFwHMPROy0H4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 25 Sep 2022 08:37:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 25 Sep 2022 08:37:09 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
218 B 103ms
103ms XHR
text/plain 2a06:8640:454::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/x462248/hbw_master_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://vsim.ua
Date: Sun, 25 Sep 2022 08:37:09 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
77ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=1275083275348837&bg=!oaKloubNAAYIxsuQKMY7ACkAdvg8Wo6sbflVW3O_PbM37vB65bw53vpuaMiSJtbewt0YhFq4lDZX-gIAAACeUgAAAANoAQcKAIL-RtxmcClKeM7dVFmV3FwOpjmPqP38_LgJBqyfFck_Vlpwdxcn6ZkuwCQwOP72s73hCSgh03dv8B9IUtladwKZ41KYcUggAossP5S4EU_w4gY25t8W79Qop-4OqwJ2CcyqNdiOwiuwF-FbG5qADVPvvsLBe5axn-xH5BrR24kmFkGjmQKPDiuayM7cf5AIBhzTeJpt06hff5xhHlCoBAjbyj3f2Y72Su1jg5WUHKQXIwKEnFO008MZhPIS3MBAgxQxHmJKUFbEY88qk6VW1crFEDQ-HYkJ2s_gOxM0X7n7sQFESkM61CZlbxiSn9TQNCTnDdroOv3Srj3V2BXDzVRJHIUTnhomxQvQsdowHmfiayApf3aQkSnemuT7mCJYd12OH5SjhbNyILHSiDacKP73s1CjFVJLt4Ub2ZqQA-45AkoO1KnT76mBzaiPzbedqmCHwi9hkf04kfe72gZlbHokxLaSNSPRKiKDkPqloRncQnWcLDART6stgrdleiQQXH4NbL-b7RLMtfGVph5a4sdCLlkO1hZA0qApKWsOjMauyJBTMaJpnsf1wptkn_pTKl-2uCt87TxvX4kuCh_X-Pe5wm3HPoCPP9xxfELzSL5c1ew_1mxl-Y_4wPMjj6WNX0mMG0zhlGqzEi4LabYYqzKKVcYKMulToOaN9IuL60BRlVxr3J2dd343RJZPrwQA6rTQQFCPw28QxgFdKHQO9cuVrE6LTF8MblmRkB-EbubhrM5zCU7UUk_b-cdrUHAhgwd6Dz_sXawR2BWyNQ0cGZUVCU0QyCzjgWgPqLBZITJ5ehOMSsuUxmGXRa-JKt8cVQGSNPucBnuTUuKLhTfhmohcZnw4nWuOvqgK360BQQExMSWgPUnmS3YLln12YGYmmKq2L53Rr4Xn0bKBenGtKuxL3IRrrCOwDojnInVUt8dS577s_29YLCX-BpxvtaRlErs36GxsaWKk5FvSVsFFmYgjq4oN67MfQvsuLQkc6vEuLU3jC3D_QREyiKAh0UltyormsLMZvYhjcRtT0ZEiCyljdMp9Ow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4750 42 B
64 B 82ms
82ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ538x72oG7p_ErzoclrYbAUCkQYFKljW-9xPHpeS8f6hvbKuTTznzZIooZ3-SZua1clUWI9imHf5DWQCsQ9Cxt5n1LWe3QD6QYDgFmP8J-rglFw3duF1wPRxJmR3ElQclUmn6uco&sai=AMfl-YQpM3QDVSGuEcpTnR4GCbh8Q8mFvzEgX7dLcvjFTymevmqvddZt-RSDYZXcbvr45EDomSK7Z3_yPnxFmtIx9rAE3LDfgQCbHtBb9fzfxJyR_bwn26AF6WmcbgZaH6UH&sig=Cg0ArKJSzCz_1-BwLu7AEAE&id=ampim&o=1092,228&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=420&tls=1420&g=99.89374876022339&h=99.89374876022339&tt=1420&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 182ms
54ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vsim.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 25 Sep 2022 08:37:10 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 480220
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvsim.ua%2F&domain=vsim.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=U_ayTHxidEI0bHdsMExlMW0zOGl2ZjhKSGpQOC93N2dBNEoyaW5uMlYxd1lzK0dHSXkyZ3VwYlI0ZGVMWHI0R0JHL1l5ckJUQTVXd2lXVGlsNytSL3Vrc21qaVBuVVgzTGZYK0VSeXhWelFmak9DR09RSFBwd2pERXZSa3...

330 B
626 B

106ms
36ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=U_ayTHxidEI0bHdsMExlMW0zOGl2ZjhKSGpQOC93N2dBNEoyaW5uMlYxd1lzK0dHSXkyZ3VwYlI0ZGVMWHI0R0JHL1l5ckJUQTVXd2lXVGlsNytSL3Vrc21qaVBuVVgzTGZYK0VSeXhWelFmak9DR09RSFBwd2pERXZSa3p4VElyTTBlK2hZWE81MHh4REJJRmJFZWNzdEV6RTlnVTdhaW9WUVBDWnFIcTY5Q1A3OVRocWFsNEFiaG1wUEF1ODhOTXVXVUdOelp3ZHdhYkxZNFFLdlNmWUV1WmdQMGk2Q0hvZmFtNlR5bElxRmtFQXVjPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a6c2789e31f5d4550e07b5ccc80342d49e6fdd0d46bced0fd791cbe43f295731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1216736
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:11 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=U_ayTHxidEI0bHdsMExlMW0zOGl2ZjhKSGpQOC93N2dBNEoyaW5uMlYxd1lzK0dHSXkyZ3VwYlI0ZGVMWHI0R0JHL1l5ckJUQTVXd2lXVGlsNytSL3Vrc21qaVBuVVgzTGZYK0VSeXhWelFmak9DR09RSFBwd2pERXZSa3p4VElyTTBlK2hZWE81MHh4REJJRmJFZWNzdEV6RTlnVTdhaW9WUVBDWnFIcTY5Q1A3OVRocWFsNEFiaG1wUEF1ODhOTXVXVUdOelp3ZHdhYkxZNFFLdlNmWUV1WmdQMGk2Q0hvZmFtNlR5bElxRmtFQXVjPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://vsim.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 464499
content-length: 0
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 216 B
617 B 159ms
48ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

d7cfe3368373f6c8dfd7bf5e05daa79430d32b878b311c83c7e8eddde4210da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vsim.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vsim.ua
date: Sun, 25 Sep 2022 08:37:11 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame ACCC 52 KB
17 KB 140ms
29ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 194
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 25 Sep 2022 08:37:11 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1289
X-Served-By: cache-lga21937-LGA, cache-lcy19267-LCY
X-Timer: S1664095032.665131,VS0,VE0

GET
H2 200 / Show response
spl.zeotap.com/ Frame D310 8 KB
2 KB 132ms
48ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cc2bbaa90b3899f8fb8106cc45f49e74cc70e80dab7ab42e22a44ab69de4061

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://vsim.ua
cf-cache-status: DYNAMIC
cf-ray: 75026fbbb81b073a-LHR
content-encoding: br
content-type: text/html
date: Sun, 25 Sep 2022 08:37:11 GMT
server: cloudflare
vary: Origin
via: 1.1 google

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C9B6 3 KB
2 KB 243ms
52ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 08:37:11 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A661 15 KB
6 KB 411ms
50ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45724
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 08:37:11 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 25 Sep 2022 21:19:15 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A81B 52 KB
17 KB 136ms
30ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 194
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 25 Sep 2022 08:37:11 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1404
X-Served-By: cache-lga21937-LGA, cache-lcy19247-LCY
X-Timer: S1664095032.665380,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A802 281 B
554 B 260ms
51ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 08:37:11 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4A3B 15 KB
6 KB 409ms
51ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/462248/hb_306660_6693.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vsim.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45724
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 25 Sep 2022 08:37:11 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sun, 25 Sep 2022 21:19:15 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3cc50df4-4362-45d2-add4-d165cd81b791

0
404 B

715ms
104ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3cc50df4-4362-45d2-add4-d165cd81b791
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vsim.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 08:37:11 GMT
Server: Adtelligent
Etag: 30495de0f77f45e0
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=3cc50df4-4362-45d2-add4-d165cd81b791
date: Sun, 25 Sep 2022 08:37:11 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame D310 0
0 45ms
44ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame D310 170 B
502 B 176ms
52ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
https://mwzeom.zeotap.com/mw?cid=4b01d2ad-a080-4595-bce9-a76b458b2df7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81...

95 B
180 B

103ms
89ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=4b01d2ad-a080-4595-bce9-a76b458b2df7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:11 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fbd8a55073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=4b01d2ad-a080-4595-bce9-a76b458b2df7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
date: Sun, 25 Sep 2022 08:37:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame D310 0
331 B 242ms
48ms Image
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:11 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D310 70 B
265 B 149ms
43ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame D310 0
161 B 123ms
36ms Image
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sun, 25 Sep 2022 08:37:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1664095032.802501,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy19221-LCY

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame D310 0
411 B 886ms
105ms Image
text/html 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D310 0
166 B 135ms
29ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=136...
https://mwzeom.zeotap.com/mw?cid=c3202e01-1cb6-4530-a4aa-41e387510801&zpartnerid=317&gdpr=1&gdpr_consent=

95 B
152 B

46ms
46ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=c3202e01-1cb6-4530-a4aa-41e387510801&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc0de6e073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=c3202e01-1cb6-4530-a4aa-41e387510801&zpartnerid=317&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=44557057200104597693809169099159366593&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-...

95 B
175 B

65ms
64ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=44557057200104597693809169099159366593&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fbdca99073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

DCS: dcs-prod-irl1-1-v042-0d47f9f46.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: bvHL97cUS34=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=44557057200104597693809169099159366593&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame D310 0
324 B 188ms
41ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7147233735604566167&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-...

95 B
152 B

48ms
48ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=7147233735604566167&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fbdeab9073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7147233735604566167&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Date: Sun, 25 Sep 2022 08:37:11 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame D310 95 B
113 B 71ms
37ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=43443022-9278-47df-74d0-02d0cd579cca

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:11 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=43443022-9278-47df-74d0-02d0cd579cca&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://idsync.frontend.weborama.fr/ids?key=zeotap&value=43443022-9278-47df-74d0-02d0cd579cca&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
https://mwzeom.zeotap.com/mw?webouuid=PyDBUvgBuvQOTf7h1clF6O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d...

95 B
152 B

68ms
68ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?webouuid=PyDBUvgBuvQOTf7h1clF6O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fbe5b80073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:11 GMT
via: 1.1 google
last-modified: Sun, 25 Sep 2022 08:37:12 GMT
server: Weborama Collect Frontend
location: https://mwzeom.zeotap.com/mw?webouuid=PyDBUvgBuvQOTf7h1clF6O&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 404
Not Found getuid
sync.smartadserver.com/ Frame D310 21 B
21 B 530ms
36ms Image
text/plain 185.86.138.143
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
content-length: 21
content-type: text/plain; charset=utf-8

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=43443022-9278-47df-74d0-02d0cd579cca?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=43443022-9278-47df-74d0-02d0cd579cca?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

95 B
152 B

42ms
42ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc0be52073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
expires: 0
cache-control: no-cache
x-server: 10.45.25.50
content-length: 0
x-consent: absent

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-LRyyK0RE2oou1i7.pjUm2b8htklcFfIrJQ--~A&zpartnerid=570&env=mWeb

95 B
152 B

45ms
44ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=y-LRyyK0RE2oou1i7.pjUm2b8htklcFfIrJQ--~A&zpartnerid=570&env=mWeb
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc08e13073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://mwzeom.zeotap.com/mw?cid=y-LRyyK0RE2oou1i7.pjUm2b8htklcFfIrJQ--~A&zpartnerid=570&env=mWeb
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2AlcFsEkph7qnnfRgCw2pGgYxLuQLaqa%2BS41iYitP1U%3D

95 B
152 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2AlcFsEkph7qnnfRgCw2pGgYxLuQLaqa%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc08e14073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
server: AAWebServer
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=2AlcFsEkph7qnnfRgCw2pGgYxLuQLaqa%2BS41iYitP1U%3D
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame D310 43 B
356 B 385ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D310 0
338 B 369ms
39ms Image
text/plain 52.30.33.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.33.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1664095032
x-served-by: beacon-n010-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D310 95 B
359 B 373ms
47ms Image
image/png 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/png

GET
H2 503 cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame D310 0
177 B 266ms
29ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664095032.362037,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lcy19221-LCY

GET
H2 204 v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame D310 0
209 B 162ms
70ms Image
text/plain 13.32.99.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-43.fra60.r.cloudfront.net
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
server: nginx/1.20.1
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: muB6XXi1pZftwkfiixZPpj0w2DCKE-USs4wqjSC4n_8KR3EnzBQvSg==
x-cache: Miss from cloudfront

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame D310
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6...

0
336 B

39ms
39ms

Image
text/plain

52.30.33.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 52.30.33.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-33-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=22 t=1664095032
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
date: Sun, 25 Sep 2022 08:37:12 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame D310
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d...

43 B
568 B

45ms
45ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 76A0XTQW5DKQ5V2M2R48
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: CAZX9KS2ADB5Q3CJXP3T
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=43443022-9278-47df-74d0-02d0cd579cca&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame D310 0
145 B 359ms
232ms Image
text/plain 104.96.159.57

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=43443022-9278-47df-74d0-02d0cd579cca&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.159.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361

95 B
152 B

45ms
45ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc19f8a073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
date: Sun, 25 Sep 2022 08:37:12 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ Frame D310 0
214 B 179ms
45ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=41544&puid=43443022-9278-47df-74d0-02d0cd579cca&pt=d[&gdpr=0&gdpr_consent=]
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D310
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age%3D%24...
https://x.bidswitch.net/ul_cb/syncd?dsp_id=461&user_group=1&expires=5&user_id=43443022-9278-47df-74d0-02d0cd579cca&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBBSW_UUID%7D%26cookie_age...
https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d...

95 B
152 B

50ms
50ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 75026fc2b8a8073a-LHR
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=${BBSW_UUID}&cookie_age=${COOKIE_AGE}&env=mWeb&zpartnerid=1771&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361
Date: Sun, 25 Sep 2022 08:37:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ACCC 0
747 B 36ms
35ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:11 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 096023cc-1c81-458d-8cd2-6224d828dd38
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A81B 0
747 B 77ms
40ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:11 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6e266389-7dbd-4d04-8319-0d3a98c95f66
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 07C0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

126ms
79ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523249a6a4524fbd4acbc3cbb3ae8a3182b1849936b7cb0646535dcd19947de9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75026fc0798e7509-LHR
content-encoding: br
content-type: text/html
date: Sun, 25 Sep 2022 08:37:12 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvHZfaAt%2BIK3pFPvcMmYnRj0bkmvxZy%2FsLE%2Fa173O4OR9CPXCKUc3O4YRIpMZz53LO1pPqP%2FJmIxzhTAmQmtiSIcVIVw7I5cCcQs4pl5qannXb4BrHcD2nGSOvlnlZvfudy5WqA6BVdduQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75026fbd9fd0dd84-LHR
content-length: 0
date: Sun, 25 Sep 2022 08:37:11 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oLRAJOqOpQ0Qp3h%2FVE5urdPtYj8hx9cMX6rgLUj%2FmLuoH9w%2BtuGKoQKZUy9pJofDr9vrRp495KjgnLj5%2BPeRUQAC%2BVMUzEksuDrogzTHL006XcGXZLxM%2BF%2B3qL4Usw38AmzBJiszAwxDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A802 31 KB
10 KB 52ms
51ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 25 Sep 2022 08:37:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81592
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9422
Expires: Mon, 26 Sep 2022 07:17:03 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A802 284 B
536 B 539ms
43ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 286ms
41ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 25 Sep 2022 08:37:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 458335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A661 0
39 B 29ms
29ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35188212&p=161562&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161562&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:11 GMT
content-length: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 07C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpZRz4huwHDkUQT9q1m1l8&google_cver=1

43 B
845 B

75ms
75ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpZRz4huwHDkUQT9q1m1l8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 75026fc1db9f7509-LHR
pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7%2BNpX%2B6n06og7MAnorlZD6XB4fBdcQN7RtdL13Fei%2FcO%2B7GctNIsyYm3i0ENav%2BpRcLbqWo0alTGho7C5WpHgYZ0Dz%2FO908lAF6AhVgJLzh8ntKfaWoumj57BiMl0tCnmYUqqBzXnMGDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENpZRz4huwHDkUQT9q1m1l8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 07C0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzATNybOZelKALNEqf5GLgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItwbMtip2_0mJ3gaqggM9U&google_cver=1

43 B
879 B

138ms
92ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItwbMtip2_0mJ3gaqggM9U&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 75026fc2cf8572df-LHR
pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1ot1t1tMFyI22d6SW%2FjM%2FQtj2K%2B1gaj6j00F%2F9yWhOk2mh3EUkmjUgjh78JdhGVzPeMWb5PTKEM9dmaNd3i951iTjPSWEoh1URMrs0QR4mkwci9zymbTrVoIJ8M68MjrA286Tza20%2FyYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEItwbMtip2_0mJ3gaqggM9U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 07C0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&dcc=t

43 B
855 B

137ms
137ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:13 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 0E9X758K7N6PE6AFZHX6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: RPBMJPKHF481YRQKE45P
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzATNybOZelKALNEqf5GLgAAEY0AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 07C0 70 B
264 B 43ms
41ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 07C0 0
0 114ms
39ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 YzATNybOZelKALNEqf5GLgAAEY0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 07C0 43 B
603 B 160ms
48ms Image
image/gif 2a05:d018:d29:3605:e8e1:b74:225e:e4ed
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YzATNybOZelKALNEqf5GLgAAEY0AAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:e8e1:b74:225e:e4ed Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:37:12 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H2 503 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 07C0 0
60 B 29ms
28ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Sep 2022 08:37:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664095032.488940,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-lcy19221-LCY

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 07C0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=68
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EHss-O_fSudhSOk7gaR519mKxGk

43 B
842 B

81ms
81ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EHss-O_fSudhSOk7gaR519mKxGk
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 75026fc428cf72df-LHR
pragma: no-cache
date: Sun, 25 Sep 2022 08:37:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhLuo3lhMhrHRBcq7wGCPBScGF2p5ttWKQ5LWHOkbzzGMRJNx3AgHSNSbCRU4hzdib41xG7YEc9ZQH%2FUnwAz1J0yDl4xlvworxtHqb6shCCr%2BtaSMgJ12%2BnQAhc9wxBzMnEGk7rn5cP3Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=EHss-O_fSudhSOk7gaR519mKxGk
Date: Sun, 25 Sep 2022 08:37:12 GMT
Connection: keep-alive
Content-Length: 122
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 07C0 43 B
352 B 266ms
59ms Image
image/gif 2606:4700::6812:d4c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YzATNybOZelKALNEqf5GLgAA%264493
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fvsim.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 75026fc25865770d-LHR
date: Sun, 25 Sep 2022 08:37:12 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 159
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Sun, 25 Sep 2022 12:37:12 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ACCC 0
747 B 36ms
36ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01a361f1-2d6d-457e-8547-53bc979136b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A81B 0
747 B 47ms
47ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 25 Sep 2022 08:37:12 GMT
X-Proxy-Origin: 217.138.196.105; 217.138.196.105; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 49d57ebb-f863-4b45-831d-9bb56fcc3c7f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leokross.com
URL: https://leokross.com/vAW/aGeq.js

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vsim.ua/	1970-01-20 15:50:55	Name: subscriber_life Value: %7B%22order%22%3A%5B%22modal_mail%22%5D%2C%22modal_mail%22%3Afalse%7D
vsim.ua/	1970-01-20 06:14:55	Name: Value: undefined
vsim.ua/	1970-01-20 06:14:55	Name: browser_id Value: 6a1497c8-0953-492b-a789-88573e0203bd
vsim.ua/	1970-01-20 06:14:55	Name: remp_session_id Value: 6b7a2eca-4177-4b27-897f-4b6a464e59e1
vsim.ua/	1970-01-20 15:50:55	Name: GN_USER_ID_KEY Value: 74fb284b-2e22-439c-af9b-cc34ef4657dc
vsim.ua/	1970-01-20 06:14:56	Name: GN_SESSION_ID_KEY Value: a81264a4-6458-4b34-81fd-fec36c9c96e9
.vsim.ua/	1970-01-20 06:14:58	Name: AMP_TOKEN Value: %24NOT_FOUND
.vsim.ua/	1970-01-20 06:16:21	Name: _gid Value: GA1.2.2029171849.1664095027
.vsim.ua/	1970-01-20 06:14:55	Name: _gat Value: 1
.vsim.ua/	1970-01-20 06:14:56	Name: __cf_bm Value: fIHt27.m5p9f0cn.Jfcg7bc3odRnP55Gu2gWGnlFSaA-1664095028-0-AVonrkEIypJNa0/b0UXV4MbTMJjcB1YeO6l8MVQ/OACi26Z3sn8fHhAqY6woD+Ua6ba6/7Jd8lHgH6fhTEZ+dkkrUk5adIuRR8VwHQjPxO8niRVmlDrfHVm3O2lWi1Vx5Q==
.vsim.ua/	1970-01-20 15:50:55	Name: _ga_0CS1NTGGLB Value: GS1.1.1664095028.1.0.1664095028.60.0.0
.vsim.ua/	1970-01-20 15:50:55	Name: _ga Value: GA1.1.1695379211.1664095027
vsim.ua/	1970-01-20 06:58:07	Name: _pbjs_userid_consent_data Value: 2024371239917068
.vsim.ua/	1970-01-20 15:00:31	Name: _pubcid Value: d7db8ffe-4da1-4c01-b29f-0dd8525a78e3
.vsim.ua/	1970-01-20 08:24:31	Name: _fbp Value: fb.1.1664095028165.1039484575
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-20 15:50:55	Name: E Value: ANhKCVJHC7N/booG
.adnxs.com/	1970-01-20 08:24:31	Name: icu Value: ChkIrqGFARAKGAEgASgBMLSmwJkGOAFAAUgBELSmwJkGGAA.
.adnxs.com/	1970-01-20 08:24:31	Name: uuid2 Value: 4940908981975651176
.vsim.ua/	1970-01-20 15:36:31	Name: __gads Value: ID=a8d7e5391a4d7b5c-225ec5542ece00c5:T=1664095028:S=ALNI_MYAECfzyiCXCgWvaaK9HWeN9KA6NA
.doubleclick.net/	1970-01-20 15:36:31	Name: IDE Value: AHWqTUm_WutzE8YIJTbSUThy1sihZ6-p3dZv9tPhUbcQ1quE9VeG2RhW6i_xPd1YusI
.zeotap.com/	1970-01-20 15:00:31	Name: zc Value: 43443022-9278-47df-74d0-02d0cd579cca
.zeotap.com/	1970-01-20 06:16:21	Name: zsc Value: %B5%407%BE%BE%DE1OI%08%04%E8b%5C%3A%90%AD%FEa%12%DD%D9%83%B3%5E%84%8C%87%16%14%C3%F1%8A%CA%85G0%06%D4%F1%F6Nb%8E8%A3%10%D0_%9B%2C%5E%8D%81%E0%FD%8C%60%D2%98%0B%5E%23%CE%03%0CEvI%0CWb+%5C%857%1A%7B%99%03%17%5CI%92S%AC%F9%09m%EE%EA%A1J%E0%C4%CA%3D%18%A5%DD%01%CD5Y%F1V%09%C0%B7%C3U%88%10G%C5%D3v%EB%22%A7%C2%3Cc%CF0%95m%C8%AF%DEL%86x%07JK%F0%F7%84%B7%9F%0A%F6%F3L%1F%92%B4PL%ABZ%1F%06%E3%BF%F5B%CD%FF%86%DC%ABn%40%24%2A
a4p.adpartner.pro/	1970-01-20 07:41:19	Name: apuid Value: 3cc50df4-4362-45d2-add4-d165cd81b791
.tapad.com/	1970-01-20 07:41:19	Name: TapAd_TS Value: 1664095031803
.tapad.com/	1970-01-20 07:41:19	Name: TapAd_DID Value: 4b01d2ad-a080-4595-bce9-a76b458b2df7
.tapad.com/	1970-01-20 07:41:19	Name: TapAd_3WAY_SYNCS Value:
.demdex.net/	1970-01-20 10:34:07	Name: demdex Value: 44557057200104597693809169099159366593
.weborama.fr/	1970-01-20 15:40:50	Name: AFFICHE_W Value: ZMtpxthRq9Bk37
.dpm.demdex.net/	1970-01-20 10:34:07	Name: dpm Value: 44557057200104597693809169099159366593
.adfarm1.adition.com/	1970-01-20 08:24:31	Name: UserID1 Value: 7147233735604566167
.casalemedia.com/	1970-01-20 15:00:31	Name: CMID Value: YzATNybOZelKALNEqf5GLgAA
.casalemedia.com/	1970-01-20 08:24:31	Name: CMPS Value: 4493
.casalemedia.com/	1970-01-20 08:24:31	Name: CMPRO Value: 4493
.ads.pubmatic.com/	1970-01-20 06:16:21	Name: KCCH Value: YES
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.krxd.net/	1970-01-20 10:34:07	Name: _kuid_ Value: PGYq2aLR
.agkn.com/	1970-01-20 15:00:31	Name: ab Value: 0001%3AOMgCp6JZKbVpeV3EsalmzSalmFOLTB%2B3
.tidaltv.com/	1970-01-20 15:00:31	Name: tidal_ttid Value: c3202e01-1cb6-4530-a4aa-41e387510801
.richaudience.com/	1970-01-20 08:24:31	Name: avcid-zeo-uid Value: 43443022-9278-47df-74d0-02d0cd579cca
.tidaltv.com/	1970-01-20 15:00:31	Name: sync-his Value: "H4sIAAAAAAAAADM0NjI1tDK0MAIA6118RgkAAAA="
.adtelligent.com/	1970-01-20 07:44:11	Name: vmuid Value: 30495de0f77f45e0
.adtelligent.com/	1970-01-20 07:44:11	Name: a307558 Value: 3cc50df4-4362-45d2-add4-d165cd81b791
.fwmrm.net/	1970-01-20 10:34:07	Name: _uid Value: "e364a_7147233739876610580"
.yahoo.com/	1970-01-20 15:00:52	Name: A3 Value: d=AQABBDgTMGMCEL4X3s3FqtBn-KJYEuwvdfkFEgEBAQFkMWM5YwAAAAAA_eMAAA&S=AQAAAswRtpfyfrNUwtWpyoO8Agk
.vsim.ua/	1970-01-20 15:36:31	Name: cto_bundle Value: x25tel93Vk84U2lyZTZaOExWVDFuM3ZrSVhHN2xwJTJCZ3FucmFiMVQwTWpsQW5xaURQMHVWQnN4N1BEWkNIVXFnYmtjTGR2UTJwaG9NU2JhUUU5MHJkMGRTREwlMkZtdjIzN205UmNFMjV3N2JvWU43dFklM0Q
.vsim.ua/	1970-01-20 15:36:31	Name: cto_bidid Value: SokSNl80JTJCdHBtV1p6dWQ1bkE5QnBrN1FOaDFZNFJOZ2ZsNWU1MVJJT3g2UHQxYXA2aiUyRmc3RU15aUNjcVAyblRTc1RlN0M3bFp3NFBYbm00dXRTSHVvMUJ2aWclM0QlM0Q
.casalemedia.com/	1970-01-20 08:24:31	Name: CMTS Value: 4425
.bidswitch.net/	1970-01-20 15:00:31	Name: tuuid Value: c1ead368-c661-4c97-8b44-d5422b1be219
.bidswitch.net/	1970-01-20 15:00:31	Name: c Value: 1664095032
.bidswitch.net/	1970-01-20 15:00:31	Name: tuuid_lu Value: 1664095032

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leokross.com/vAW/aGeq.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D43443022-9278-47df-74d0-02d0cd579cca%26reqId%3Db7d4d801-d3a6-4d81-628c-5b2ebaa6d61e%26zdid%3D1361 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=43443022-9278-47df-74d0-02d0cd579cca&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=43443022-9278-47df-74d0-02d0cd579cca&reqId=b7d4d801-d3a6-4d81-628c-5b2ebaa6d61e&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
adservice.google.co.uk
adservice.google.com
ampcid.google.com
api.gravitec.media
bcp.crwdcntrl.net
beacon.krxd.net
cdn.ampproject.org
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d5199266011f08527e30864a2a64f8a5.safeframe.googlesyndication.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
engine.widespace.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.gravitec.net
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js-sec.indexww.com
leokross.com
loadeu.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel.rubiconproject.com
pixel.tapad.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
region1.analytics.google.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adtelligent.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.tidaltv.com
tags.bluekai.com
token.rubiconproject.com
tpc.googlesyndication.com
tracker_beam.20minut.ua
trc.taboola.com
unpkg.com
usermatch.krxd.net
vsim.ua
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
leokross.com
104.18.18.126
104.18.19.126
104.96.159.57
13.32.99.43
141.95.33.111
142.250.185.130
151.101.1.108
151.101.2.49
162.55.233.29
178.250.0.157
18.198.126.47
184.51.9.34
184.51.9.98
185.172.90.252
185.184.8.90
185.64.190.78
185.86.138.143
185.89.210.180
198.47.127.22
2001:4860:4802:34::36
212.82.100.182
23.227.139.243
2600:1f18:6593:f600:6d4e:4d08:83e5:8fa4
2606:4700:10::6816:1957
2606:4700:20::681a:bd1
2606:4700:3035::ac43:d201
2606:4700::6810:7eaf
2606:4700::6812:d4c
2a00:1450:4001:802::2001
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200d
2a00:1450:400c:c0a::9d
2a00:1450:400d:804::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::200a
2a02:2638::1c
2a02:6ea0:c700::10
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b001:bd35:2c7d:1af2:e9a4
2a05:d018:d29:3605:e8e1:b74:225e:e4ed
2a06:8640:454::2
3.120.20.226
3.218.193.24
3.33.220.150
31.41.216.82
34.111.131.239
34.247.1.169
34.98.67.61
35.214.184.209
35.227.248.159
37.157.4.40
45.133.44.3
45.133.44.4
51.83.220.94
52.212.110.18
52.30.136.252
52.30.33.235
52.46.128.147
52.51.174.182
52.95.115.196
54.205.25.10
69.173.144.138
69.173.144.165
85.114.159.93
92.123.9.160
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07acae444a1054e7fa0031c294432332f630b3351b73b9010b3de594bc30e571
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
0a4c2ecf677f70d4d9d1b3ef31558bb18a0bee17b8f1f38ce5ca65f8871118ba
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0dc7a4b417c19ceca84024a95040c8f9157960405ffd09494f458bfb0eba43
131c0609dbbb803f60117b2b7cb6f228f31ad973802cb5f94eab9d1034a3d7d6
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cc2bbaa90b3899f8fb8106cc45f49e74cc70e80dab7ab42e22a44ab69de4061
1f0c2b0a2c352645b53399aff7d600aef3a1d49377280b4dbe6d6d8cc291a935
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b4d484cac1487df99878a181ea821368c54632906c57427535f9f4e842125a6
2b742e2f0bbfdf4c4b4be399be1ccc596cc8d4f45d7a5f506fd949daa2707abd
2b97e46a5cd5da941d8fd49a3da94a844b704cdb6186bc9dfa34cb2e1900cbb6
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2dba54900b10d798dbd18a0d067b8256a3d3fa3597515cfb295cea1bda8c480f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f42c410eba2c4dc22b4c39f686000a1a7093a01b84551a19ffc30b26c72a86a
30015300955352764840758227634ade8cc98299ccadc46cf9f3f6681385a756
3282ed9387a9f8eefde74c704cad9627d505be40b2b2e71c7517e00f4e5e46ef
34b32035c62caeb6ba158476cdc55287421596f7db6cfc52ca84d7a7bede75aa
363f22dc397d2b8b6898610e9aad941e9a95e0a9a525e6d31191a7f89f282349
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
38bc6dd0b99d8f3192c498597062251b8ba7d580d600bb05833112438664a26c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7395272e337bd77d47ff9ba8f42f01348f039527171842d0cd2f802e322721
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43232c97233f24fc246e2f80fe271132aaed1bb5094e9fcb0cd7193159f098cc
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
4794ee8f55c96958afc723aeb58936bf215622bd8f2c61ea8a3f842737ae2224
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a7ba87ff08127253564f6d997be58f8e11109edf659f6677f6af8f8459a69d7
4b7dae5b6b79db79b1f08c73aa1da73491c195fdfeda4287121443d712c58f5d
4d69bfe8ee79f9288bafffdd55e8d5260907e85cdbff714928b4e1d8daa6a2ce
50bea0a3f680879b29116467868628308e121412804e9928a1da61d540d1c4bb
514e6a53831907b552aa2654592ded59a3a07523e688c6c214020236566d88fa
523249a6a4524fbd4acbc3cbb3ae8a3182b1849936b7cb0646535dcd19947de9
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bb89fcee3206612e53b94fccbbe6b7acf8d5ddef60943f2757d401b4d336289
5ee58d63b466de0f67a216954ad930f8cfa99fcb23b97c3c27e9c714520d2fa6
5f303a0de1cfe53713218d7f8b6d58cb3a85e0946f81cf0e4b79d1ce76e3a97b
5fbcc4ff94d56fb37b33e838466308a145e902acc9640acbfc529e7fe88f3d34
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623271e8c873fe29ec241ba7a856787aa39b9c91c7f166ebb2aa98e8a13c1446
6242fa366e970762eb4d706dc116e9c1ba361781c527a4c0efcec694624c83ae
66fbe356f6e297ef03954cdb269883d5352c2463a0d3367ade4b077088658ab5
673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db72c237bfc53e75b1428c680c24017fc569f5794837e9288fd8d740363a15a
6f135076aa23aa534996a5eb60fcfb80fbc363d694443e1cc981a3f70716915d
6ff6207bce1f7c4f45398e9266beeba966f3837dc0b41abc36feeb1dd43cc680
712827436e68e6ea4ae103e7f89dfcd76e7bb06a0a745867dda4b2a6e23c3a7b
72ce43cf7134f917bc3e69217aa4a76ebf2a258d6e3ec9816cccaa280d845f50
7c8e0c0cb289c706c0fc0d1f444e5440650c68f89b3bac77b031013cd9376d0f
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e5bb2f9ff71b743a5bcfe7da0868b078b92ec1fd5125777bc5bd8eadea52d87
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
812488d5f91106f21a34962cb6a4fc3c54ca9ecb68e888c60b04036014052387
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
88b263a05e0fa2a8084852de8152c02ade2b1cb33a2d9bbb780a2d9561e48c63
89d06ae06a1924e4d37d997747574ca1a13a4e10027b5ea299e727588e5f78a8
8a8d480b7d73186d7b9c6ffe5dde1ad7f2d272b07f7703a6a6961cbb773afbfb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8a02b1b1759a6eb16615705ca8f1e754ec98f4e73c3d2d9b5e7d9027522d21
90d7a5754121570b0b1507615f7ab998ffaee55cc09c8bc51d2fd7c1b302cea5
91c51f424031f6d025726982227527bc60cdc06c4bbe948cda46c66c54c2a695
91fd054ab51af4adc6c2d0e7d45176e5ad26a8523231cc3dc9328f1352ac46b4
97142ca9b7470b40a00c7e09fbbdc838c1dc9dbefdaa2c2f57701e3f6ae9493f
976781a6b69b836769e66569658da0331231de13c91eeb66948cb035b91f8971
9976a53c60fa10eebb92eb813e79d085205a151a4c7cf2c11d715cc3fcabc5d9
9a62693b523955f6ddca2965c2e8be1a7bcb1d41e6e98f6834abf23f0090bed6
9b3d15910ea85878148af2fc4043f938a1237e7ea33a5daa6e78e877b0f2f0fd
9cd862ac8acb668c11f7d2f4aa7b7ae892aa8af0b64a59a17a89c7a2d5358253
9d1cb86ec27e86dfdefab39206fb510070d00b81d91f11ddc6720e3c62629d32
9d5a2fe4d562fcec6d3b3ebe2e064b26135b8fa72fd94c5f3623daedad726e72
9dec9a71e91eb40afddb6eb31357f7b4d5701523a2b3bff0bb992e808ad467f8
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a47331ddd26cd46d60cb09d45fd9c4a272d2bea45d15e91be47605f24ac4b23c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a519fd9ae7df4e17ceaea044096fe29df10b7158f41dc5e20b57e617372f318b
a6c2789e31f5d4550e07b5ccc80342d49e6fdd0d46bced0fd791cbe43f295731
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ae45377af9d89238bdd28995edb79dc857c596ee256268874c5478e020807211
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b50736d5ec0097525d6ff80d1b680bbbec44ada253b9f2c8171d76ec1350c28e
b65bbedb0b9d7907fc3590c21968cfd265b8f2aba5c5c83c951d0dd1cb8c0cfa
b8b9e3e8e1276c694f2cb8c6957a36d9d8ec542a8fd8d2166ed58d6897aaaa30
baf6990d122f4438735a3b53c7a639fd3b4fbac42d4a5077e41beb6f27f4f47c
bb05b8e74876aef31c029d7a03cb845ddc794ad81e6d56a90a334ab24dff9e6c
bb81a3f6452967a392101c3127a76d8b5f22cafd70f8baa1046cc753aa5a0824
bc36c65f1dc213532add7eda26bfcf948894764eb17f1ef9c7ca14a296d3534c
bc9c2a692b2e51f7452889365de85134341d53f8d36539cdaef3a8277db2edd1
bf3151eb02230f6f505658b2df91cb14159810f9e4a083ce21920b76297a7989
c0f3f63b8aa81276ab867ee8172db9e3f7a03df59f3c868670c35cd7c635c762
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ba68d0f0fa78d9e5837e49cb8a30671143afa6d57cd2d40c2f0a85c9cc28b2
c3fe9fc2373b0e671dce8c4c814b41c9fbc25afde91400595d0514027bd26619
c47aba0fbc165e39d0f97097142fc943c05de5c566a596cd454e5978ed8f1e51
c4a862e4357489e3a52fd1c554ed21344001b35704217a2fd119fd44361e628f
c8ff86cac8a1151ce5aa4f85eb9481dc5bf7d16ed2df9b20c4b50aeecd7ef119
ca2da4362115518ffdfe27c6fa107bc239a879f36ff3e6bd5db0db5c4917c079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf2e3d328bbdd313442dbefd32d519b6f086117c8d04d01c6fb58f9743e96112
d2c94adf35f70c7486977c43a4750bf1efd8f71e42f978035387154dd88e29f1
d35d07a1d35e8378e2caa15ad04eaf3c29b2b2136437a983b06e52119fccbcf3
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a
d7cfe3368373f6c8dfd7bf5e05daa79430d32b878b311c83c7e8eddde4210da2
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
da80d5d67e564e0aae877774fdfc2f5c921f2f1704be1267513ca165728130aa
dbd991c12551f95524a9ca44db10706d942e698b9ef56d6111fe568c5cf193ef
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
dd6bfabd983e40a92cd350180c9a98cd9e3f282335f73b2c2537ba3d4c9332d8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e39e41d9862cec7b5777e7a1ea5310856b3451f5569155f25c6ebeea372b4353
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ed244f14205a6a842b6079ca5fdd2ee68c836ea76d92ef9bde52ffcfdc305f
e51999eebc0b9e4ac7b5387bf86f7c05970eb7b77df960003955d399e232c5c1
e81753a8f9689cc6359d1219ef65e37e7827db414e82711378357de5377c18a7
e98501745c1500c02ede59eb329ac24f220509633741250b371199ecc9020ea8
e9c424eb31fac71d827f3497f4b2a92d9e7e4985db6ce7b379e74aa75fff7f50
ea74fd140fcbe09467d5b5774f7ca77509a76009d2bb7aebb99f4a1af5f7038b
eaf2c9137e521e1f030246115b742374c4594cc7facea8f516f19f44ffe05571
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eccd88565d076df2201301bafbec831407665672e90f547f4de6c0cf850be75a
ed4c1680bc0bd84a88fa8ce7cd799b8941a8a28eb1de778b5254bf39d091a75e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa058ce5fd598607573ff9194857267322682a83b3547840b211bce2ef4bd5c0
fae3caf75651a8caa33d9cb0e78fb20bcfde4f753c83a2905ef5c067ba56c36d

vsim.ua Open in urlscan Pro 2606:4700:3035::ac43:d201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

91 %HTTPS

42 %IPv6

57 Domains

83 Subdomains

67 IPs

11 Countries

3263 kBTransfer

8339 kBSize

51 Cookies

14 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vsim.ua Open in urlscan Pro
2606:4700:3035::ac43:d201 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

91 %
HTTPS

42 %
IPv6

57
Domains

83
Subdomains

67
IPs

11
Countries

3263 kB
Transfer

8339 kB
Size

51
Cookies

226 HTTP transactions
6 data transactions