urlscan.io logo urlscan.io
SecurityTrails logo

www.5.ua Open in urlscan Pro
104.18.3.230  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.5.ua/
Submission: On January 05 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 15 countries across 71 domains to perform 297 HTTP transactions. The main IP is 104.18.3.230, located in and belongs to CLOUDFLARENET, US. The main domain is www.5.ua. The Cisco Umbrella rank of the primary domain is 374919.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 16th 2022. Valid for: a year.
This is the only time www.5.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 104.18.3.230 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.139.128.10 20446 (STACKPATH...)
3 45.133.44.4 7018 (ATT-INTER...)
1 185.187.81.35 43332 (IDSTRATEG...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 45.133.44.3 7018 (ATT-INTER...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a0c:5c81:514... 55081 (24SHELLS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.206.246.212 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.197.98.98 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 2602:803:c003... 26667 (RUBICONPR...)
4 34.98.64.218 396982 (GOOGLE-CL...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2 185.172.90.252 49981 (WORLDSTREAM)
1 104.18.33.19 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 80.77.87.163 46636 (NATCOWEB)
3 62.149.1.122 15497 (COLOCALL ...)
2 2 54.38.197.123 16276 (OVH)
1 216.52.2.19 32475 (SINGLEHOP...)
1 35.214.184.209 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 107.20.147.136 14618 (AMAZON-AES)
1 4 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 22 172.217.18.2 15169 (GOOGLE)
4 12 185.80.39.216 27381 (CASALE-MEDIA)
6 8 37.252.171.84 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
4 172.217.20.2 15169 (GOOGLE)
1 82.113.101.132 6805 (TDDE-ASN1)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 3.33.220.150 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
4 4 213.19.147.44 26120 (RHYTHMONE)
1 185.86.139.104 201081 (SMARTADSE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
2 162.19.138.118 16276 (OVH)
2 172.64.151.162 13335 (CLOUDFLAR...)
2 23.203.124.192 16625 (AKAMAI-AS)
2 104.96.145.246 16625 (AKAMAI-AS)
1 162.19.138.83 16276 (OVH)
3 172.64.154.237 13335 (CLOUDFLAR...)
1 2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 35.244.159.8 15169 (GOOGLE)
2 2 2620:116:800d... 16509 (AMAZON-02)
3 3 37.157.6.245 198622 (ADFORM)
3 5 52.46.130.91 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 64.202.112.255 23352 (SERVERCEN...)
16 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
2 2 213.155.156.184 1299 (TWELVE99 ...)
3 5 54.239.33.159 16509 (AMAZON-02)
1 1 54.243.58.43 14618 (AMAZON-AES)
5 5 52.50.17.128 16509 (AMAZON-02)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 151.101.2.49 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.214.223.115 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 5.161.47.120 213230 (HETZNER-C...)
1 72.251.245.179 32475 (SINGLEHOP...)
1 1 141.94.240.141 16276 (OVH)
1 1 141.94.170.64 16276 (OVH)
2 54.194.186.27 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 3 3.74.124.115 16509 (AMAZON-02)
1 1 52.29.237.148 16509 (AMAZON-02)
1 1 18.156.0.31 16509 (AMAZON-02)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
6 8 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
297 76
56    104.18.3.230 (None, )

ASN13335 (CLOUDFLARENET, US)
www.5.ua
4    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.shareaholic.net
m9m6e2w5.stackpathcdn.com
3    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
cdn.gravitec.net
cdn.gravitec.media
1    185.187.81.35 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
piguiqproxy.com
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
3    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    34.206.246.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-246-212.compute-1.amazonaws.com
analytics.shareaholic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    54.197.98.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com
www.shareaholic.net
4    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adtelligent-d.openx.net
eu-u.openx.net
us-u.openx.net
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    185.172.90.252 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    62.149.1.122 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
sync.adtelligent.com
2    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com
api.gravitec.media
7    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com
partner.shareaholic.com
4    2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
22    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
22    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
12    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
8    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
30    2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net
googleads4.g.doubleclick.net
1    82.113.101.132 (Hesse, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
3    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
6    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    85.114.159.93 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    2a05:d018:d29:3601:8218:ef5f:5750:723c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    23.203.124.192 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
5    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.243.58.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-58-43.compute-1.amazonaws.com
sync.srv.stackadapt.com
5    52.50.17.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-17-128.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    141.94.240.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh
green.erne.co
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel-eu.onaudience.com
2    54.194.186.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-186-27.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
3    3.74.124.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-124-115.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.29.237.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-237-148.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
56 5.ua
www.5.ua — Cisco Umbrella Rank: 374919
1 MB
48 googlesyndication.com
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
331 KB
42 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
293 KB
30 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
633 KB
23 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739
ads.pubmatic.com — Cisco Umbrella Rank: 741
image6.pubmatic.com — Cisco Umbrella Rank: 996
simage2.pubmatic.com — Cisco Umbrella Rank: 882
image2.pubmatic.com — Cisco Umbrella Rank: 1316
image4.pubmatic.com — Cisco Umbrella Rank: 1480
simage4.pubmatic.com — Cisco Umbrella Rank: 1564
32 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 760
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 690
dsum.casalemedia.com — Cisco Umbrella Rank: 2369
13 KB
12 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
token.rubiconproject.com — Cisco Umbrella Rank: 858
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
15 KB
11 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7640
ghb.adtelligent.com — Cisco Umbrella Rank: 6213
sync.adtelligent.com — Cisco Umbrella Rank: 5351
145 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
7 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
secure.adnxs.com — Cisco Umbrella Rank: 670
8 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 142
ampcid.google.com — Cisco Umbrella Rank: 2427
region1.analytics.google.com — Cisco Umbrella Rank: 4057
www.google.com — Cisco Umbrella Rank: 16
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
2 KB
6 openx.net
adtelligent-d.openx.net — Cisco Umbrella Rank: 31156
eu-u.openx.net — Cisco Umbrella Rank: 2786
us-u.openx.net — Cisco Umbrella Rank: 698
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 814
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
dis.criteo.com — Cisco Umbrella Rank: 903
2 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
www.google.de — Cisco Umbrella Rank: 3658
ampcid.google.de — Cisco Umbrella Rank: 52661
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
169 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20128
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30309
740 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5103
casale-match.dotomi.com — Cisco Umbrella Rank: 5196
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4330
387 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1114
530 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
751 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6509
562 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1282
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1004
984 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 679
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 980
cdn.indexww.com — Cisco Umbrella Rank: 2921
2 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1085
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
835 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1903
1 KB
2 gstatic.com
fonts.gstatic.com
38 KB
2 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11623
515 B
2 gravitec.media
cdn.gravitec.media — Cisco Umbrella Rank: 56643
api.gravitec.media — Cisco Umbrella Rank: 40542
2 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7381
854 B
2 shareaholic.com
analytics.shareaholic.com — Cisco Umbrella Rank: 36017
partner.shareaholic.com — Cisco Umbrella Rank: 40441
640 B
2 stackpathcdn.com
m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 38378
79 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
2 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 23097
19 KB
2 shareaholic.net
cdn.shareaholic.net — Cisco Umbrella Rank: 39270
www.shareaholic.net — Cisco Umbrella Rank: 34833
7 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 520
fonts.googleapis.com — Cisco Umbrella Rank: 127
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
128 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
708 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4735
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3231
555 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
518 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 963
191 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10408
323 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3376
382 B
1 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 12486
732 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 14488
367 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1952
283 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8778
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6635
280 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1202
226 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 821
553 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1014
613 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 775
309 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3635
419 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1403
395 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
577 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 3008
173 B
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 62411
635 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 866
277 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1341
672 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452
171 B
1 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 39171
1 KB
1 piguiqproxy.com
piguiqproxy.com — Cisco Umbrella Rank: 462139
401 B
297 71
Domain Requested by
56 www.5.ua www.5.ua
30 s0.2mdn.net www.5.ua
s0.2mdn.net
22 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
eu-u.openx.net
22 pagead2.googlesyndication.com f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
22 tpc.googlesyndication.com www.5.ua
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
12 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 simage2.pubmatic.com ads.pubmatic.com
8 securepubads.g.doubleclick.net www.5.ua
www.googletagservices.com
securepubads.g.doubleclick.net
6 match.adsrvr.org f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
eu-u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 googleads.g.doubleclick.net f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
www.5.ua
5 match.prod.bidr.io 5 redirects
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 image2.pubmatic.com ads.pubmatic.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 ghb.adtelligent.com player.adtelligent.com
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 googleads4.g.doubleclick.net www.5.ua
4 www.google.com 1 redirects www.5.ua
tpc.googlesyndication.com
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
4 f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagservices.com www.5.ua
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 c1.adform.net 3 redirects
3 eu-u.openx.net player.adtelligent.com
eu-u.openx.net
3 sync.1rx.io 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 sync.adtelligent.com player.adtelligent.com
www.5.ua
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 d5p.de17a.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 cms.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com player.adtelligent.com
eus.rubiconproject.com
2 ads.pubmatic.com player.adtelligent.com
ads.pubmatic.com
2 id5-sync.com player.adtelligent.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 a4p.adpartner.pro 2 redirects
2 pbjs.e-planning.net 1 redirects www.5.ua
2 fastlane.rubiconproject.com player.adtelligent.com
2 www.google.de www.5.ua
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 m9m6e2w5.stackpathcdn.com cdn.shareaholic.net
2 www.google-analytics.com www.googletagmanager.com
www.5.ua
2 cdn.gravitec.net www.5.ua
cdn.gravitec.net
2 www.googletagmanager.com www.5.ua
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 b1sync.zemanta.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 s.company-target.com 1 redirects
1 lb.eu-1-id5-sync.com player.adtelligent.com
1 js-sec.indexww.com player.adtelligent.com
1 ssbsync.smartadserver.com f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 tr.blismedia.com f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
1 dclk-match.dotomi.com f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
1 portal.o2online.de
1 fonts.googleapis.com tpc.googlesyndication.com
1 partner.shareaholic.com m9m6e2w5.stackpathcdn.com
1 api.gravitec.media cdn.gravitec.media
1 ap.lijit.com www.5.ua
1 cs.admanmedia.com 1 redirects
1 ampcid.google.de www.google-analytics.com
1 cdn.gravitec.media cdn.gravitec.net
1 hbopenbid.pubmatic.com player.adtelligent.com
1 htlb.casalemedia.com player.adtelligent.com
1 prebid-eu.creativecdn.com player.adtelligent.com
1 adtelligent-d.openx.net player.adtelligent.com
1 www.shareaholic.net cdn.shareaholic.net
1 region1.analytics.google.com www.googletagmanager.com
1 analytics.shareaholic.com m9m6e2w5.stackpathcdn.com
1 ampcid.google.com www.google-analytics.com
1 player.adtcdn.com www.5.ua
1 piguiqproxy.com www.5.ua
1 cdn.shareaholic.net www.5.ua
1 ajax.googleapis.com www.5.ua
297 113

This site contains links to these domains. Also see Links.

Domain
facebook.com
t.me
twitter.com
www.youtube.com
Subject Issuer Validity Valid
5.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-05-16 -
2023-05-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.shareaholic.net
R3		 2022-11-07 -
2023-02-05		 3 months crt.sh
*.gravitec.net
AlphaSSL CA - SHA256 - G2		 2022-03-22 -
2023-04-23		 a year crt.sh
piguiqproxy.com
R3		 2022-12-28 -
2023-03-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
player.adtelligent.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-04 -
2023-05-31		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-03 -
2023-03-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
shareaholic.com
Amazon		 2022-06-01 -
2023-06-29		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.shareaholic.net
R3		 2022-12-15 -
2023-03-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
cdn.gravitec.media
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-11-25 -
2023-02-23		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
api.gravitec.media
R3		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.shareaholic.com
R3		 2022-12-11 -
2023-03-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 42 frames:

Primary Page: https://www.5.ua/
Frame ID: 0860ED994F147A86A526109530E42565
Requests: 143 HTTP requests in this frame

Frame: https://www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Frame ID: 63DB7D33A51BA7501A3D1BB6C08D1040
Requests: 3 HTTP requests in this frame

Frame: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC7F9CB64614B5627335EFC3F71D5868
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=36be522c-2e72-492a-bd07-772ee3080e08
Frame ID: B980B8CA1CA1B0D2882437D3FB9B887A
Requests: 1 HTTP requests in this frame

Frame: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EE730FFF29160597B523B5960ECDDB36
Requests: 8 HTTP requests in this frame

Frame: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6484E25351C4E2F3793F2AEC3B1F28AE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Frame ID: 5037EFA61DDF9E26C53A1CE73CF28D62
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Frame ID: 6362E2ABFBC5ACB3DE574A658D8A7AFB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 954A9329CF792706CE6AF9024BDABC6B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92C17AE49EB2F68B66FDAD15D326D7B1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Frame ID: 9DF8F12020900C3BA1C370AC3E5FDE13
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: C9EBF9C86BDCA36281B63C768AFA015B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F49B6BD0523B9001AC896D7D2BA13C44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07401944F4AFDF81290213DB24D628EF
Requests: 2 HTTP requests in this frame

Frame: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7B4C421BA62492BC08368F141AE2B7E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Frame ID: 27E87A7F873413726F0048D8E04DFE25
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD4B9F2E4B9D0B2B783CD1ADF3F58605
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CA62C08F2E7A63DD8C72FC7696984CD6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Frame ID: 8AB0BDDD4666826FECAC8D8C21ECFECF
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Frame ID: B0B7BD1E574C0D6C63442E5AD1B52FE5
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F597821800E7F1191F7FFF72B0414EBA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Frame ID: CC55FF07CEBFC72274FC16F563F660A5
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: BB609E1ECA4649AF0374FF9E792F40F5
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Frame ID: 2B64DDF2FEF6974113E7943EF6D133D0
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BF4C791FE8C6EE02630103223E06EBBF
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&gdpr=0&gdpr_consent=
Frame ID: FE9978C60F2AEC9EE7DD32110457088B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2C100B286CA2FD5A1451554F67698A8F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5629904225184182919
Frame ID: 506A9FE7AF085A6453589DD0D161F814
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 3CB91A36A6FC232E85061BF0F47D5E06
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=676450427082335072&gdpr=0&gdpr_consent=
Frame ID: 2816B6EE377DD8920A3AC70ED493A873
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
Frame ID: 9117F520DC28640247D13D431A278A14
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035052727859341&gdpr=0&gdpr_consent=
Frame ID: A6D24DD93117FA7FF728EF96C34FBCBE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uuFo1HRxRQtssnns_piJSrKi0YY
Frame ID: DA0B30D4878932ED20CF94C546C561DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAvlU7HbL8AACFwRP-96A&gdpr=0&gdpr_consent=
Frame ID: 5AFEC34AD3E07FBF3A515998D4361F13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfUQAAAUuWewAZ&gdpr=0&gdpr_consent=&_test=Y7ZfUQAAAUuWewAZ
Frame ID: 3575EC3B4761FCA94EF33623FBF165B4
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 761568187A1BA7882021185BB2315B33
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FE6BCD304542640DDE7B0C9CD28795CD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5558225678
Frame ID: 8AF6EC50C82DAC5A419DA41766D5E6D2
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 9B2B6470939FD53924027B2A96881C45
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 970218DA5925A2E6B6F86E2E0AA59A8C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 3D6DB1C3A159C380A2F21397A1982207
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVRgXbnggWTgQSQVj
Frame ID: 541D2FEEC10A3205734500265B992BF4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Перший український інформаційний телеканал "5 канал" - останні новини дня в Україні та світі

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

297
Requests

86 %
HTTPS

31 %
IPv6

71
Domains

113
Subdomains

76
IPs

15
Countries

3212 kB
Transfer

6928 kB
Size

97
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.5.ua/ROS?rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.5.ua%2F&gdpr=0&e_pubcid=709927c9-98d9-4834-afc9-250fc7ab73ed HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.5.ua/ROS?ct=1&r=pbjs&rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.5.ua%2F&gdpr=0&e_pubcid=709927c9-98d9-4834-afc9-250fc7ab73ed
Request Chain 104
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=36be522c-2e72-492a-bd07-772ee3080e08
Request Chain 105
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
Request Chain 138
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1&C=1
Request Chain 143
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNFIvabCpkeiSe2XR2lbyE&google_cver=1
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEAa2C-QOHl4FAdBWJ9rOIw&google_cver=1
Request Chain 145
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENcvvm-TGv-otj6X2qAZmQg&google_cver=1
Request Chain 212
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Request Chain 223
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGhabfCdSjTEaBBIqsFB3os&google_cver=1&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_QitjBvzFYhMPl6pqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTA1MjcyNzg1OTM0MQ%3D%3D&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_QitjBvzFYhMPl6pqg
Request Chain 224
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPWULZQ4dg-3qXEUP5jzwAM&google_cver=1&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0MRLF4EoNU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0MRLF4EoNU&google_hm=eS1QSkw4c2F0RTJwSHVlYTl2SkdaYnBVbWxwcjFpRGVYYn5B
Request Chain 225
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMnJ5_RC74ioZD3TaehWhFg&google_cver=1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1672896336441 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3544cd3f-0e79-417d-acf9-c80289f78611-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34%26google_hm%3DAzVEzT8OeUF9rPnIAon3hhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&google_hm=AzVEzT8OeUF9rPnIAon3hhE
Request Chain 257
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nwPne3x6eFlpaFYxNkhldTdKSVBTWmQ2emNBZUgzYnpxY0ptT2NDQWI1V0plaElMTWxWZTIzNjBSeHFCcGdJcXkvV2lVc01TbXRhTTFuMDgxd2VYZE5jaHlRZUNjcEtkVk5BYXA0SFg1VHBTSFNIRVNtdWhiUmFZQ25oQ3JqRTQvZGhxYklwS1ZHTnFlNDNnNlhiMFNwUnVHZUJKcnVLdW9SblBYWkJLN1ZFLzBDaUg0eWtqU1lVSVdXTHI1d29RaXVydDQrSUcwSlZzdzdvb0d1S0F0S2d6WnJtN3ZpdG1kTUh1djFXaW9FRFphZm5JPXw&cppv=2
Request Chain 263
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
Request Chain 269
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
Request Chain 270
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5tY9vOWDarv9hGnu4tJy77OAPLL90m28stIFnJWZ
Request Chain 271
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=317197294686922848
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj2COr9ipjTdGvPGY6oCZk&google_cver=1
Request Chain 276
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&dcc=t
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBuEim-Ue01VhB-FbLLl44&google_cver=1
Request Chain 279
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=676450427082335072
Request Chain 280
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688534737&external_user_id=11dfedce-d9e0-4350-95cb-a9adabc07ab4
Request Chain 281
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672982737
Request Chain 282
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F945E5E7C9014BE5B895748E8E8155E4
Request Chain 283
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&gdpr=0&gdpr_consent=
Request Chain 287
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5629904225184182919
Request Chain 288
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 289
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=676450427082335072&gdpr=0&gdpr_consent=
Request Chain 290
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
Request Chain 291
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035052727859341&gdpr=0&gdpr_consent=
Request Chain 292
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uuFo1HRxRQtssnns_piJSrKi0YY
Request Chain 293
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBdmxVN0hiTDhBQUNGd1JQLTk2QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAvlU7HbL8AACFwRP-96A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6321717678548239805&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAvlU7HbL8AACFwRP-96A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6321717678548239805%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6321717678548239805&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAvlU7HbL8AACFwRP-96A&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAvlU7HbL8AACFwRP-96A&gdpr=0&gdpr_consent=
Request Chain 294
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y7ZfUQAAAUuWewAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfUQAAAUuWewAZ&gdpr=0&gdpr_consent=&_test=Y7ZfUQAAAUuWewAZ
Request Chain 295
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 296
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 297
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5558225678
Request Chain 301
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVRgXbnggWTgQSQVj
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JELlq-8KSqSrelscxjnxNw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 305
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3480789843 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQ0MkU1QUItRUYwQS00QUE0LUFCN0EtNUIxQ0M2MzlGMTM3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWZPpqKj1taiD9krQPekQw&google_cver=1
Request Chain 309
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2649236990834704171
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5401767b-13d8-4e7b-a46f-fa5088bc1436&bsw_param=90db56a6-966e-4c7e-8558-261dbdeed50b&expires=10 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 313
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bYghdadE2uWgHw5ntgHV5pRsjQGn6XU-~A&gdpr=0&gdpr_consent=
Request Chain 316
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8734336780255461372&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 317
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f6d9d697-0d1d-4dd5-915b-e5151dd3a37f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 318
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=676450427082335072
Request Chain 319
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINA8VO-G-2REF&gdpr=0
Request Chain 320
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kx89-_VQuo5HxOwJcgnh-A?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WDZyvYRE2oJAsiYacskscvZw584Tfq0CmabYog--~A
Request Chain 322
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA5OGNkNDI3MDkwZGYyNWE2NzFiZDJkMzkyNTdjNDY4ODRhNDhkMw&gdpr=0
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEYlU09JkMBu7l9v40jNB50&google_cver=1
Request Chain 324
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TKOq58VKTi2vM_quJc1LPQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TKOq58VKTi2vM_quJc1LPQ&gdpr=0
Request Chain 325
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkE4Vk8tRy0yUkVG&gdpr=0
Request Chain 326
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xduXkeduRmSvamQ8UmcxTQ&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xduXkeduRmSvamQ8UmcxTQ&gdpr=0

297 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.5.ua/ 		565 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
24ebcc81894ac925466007b90ac5f7e8455e221d701cec6663ac3bf4e335e1c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7849cb444d9bbb73-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:33 GMT
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.0.33
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 331 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:33 GMT
styles.min.css
www.5.ua/css/ 		206 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/css/styles.min.css?v=1627989472
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ef096d2b66273cca0587deaf779cad9dc118678116385a138ad61eeb9e61a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Aug 2021 11:17:52 GMT
server
cloudflare
age
14296
etag
W/"610925e0-337b1"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7849cb45ef43bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
roboto-bold-webfont.woff2
www.5.ua/fonts/roboto/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/fonts/roboto/roboto-bold-webfont.woff2
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Referer
https://www.5.ua/
Origin
https://www.5.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Sep 2021 15:13:15 GMT
server
cloudflare
age
911851
etag
"6138d30b-f758"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb45ef45bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63320
expires
Fri, 05 Jan 2024 05:25:33 GMT
roboto-regular-webfont.woff2
www.5.ua/fonts/roboto/ 		62 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/fonts/roboto/roboto-regular-webfont.woff2
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Referer
https://www.5.ua/
Origin
https://www.5.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Sep 2021 15:13:15 GMT
server
cloudflare
age
1167082
etag
"6138d30b-f7b4"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb45ef47bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63412
expires
Fri, 05 Jan 2024 05:25:33 GMT
helioscond-bold-webfont.woff2
www.5.ua/fonts/helioscond/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/fonts/helioscond/helioscond-bold-webfont.woff2
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d568f192c576f136afeeb596dce1070cfd9bea7dcb1ea7b591da7ba4ff6b127f

Request headers

Referer
https://www.5.ua/
Origin
https://www.5.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
cf-cache-status
HIT
last-modified
Wed, 11 Jan 2017 15:03:15 GMT
server
cloudflare
age
1166853
etag
"58764933-4370"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb45ef48bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17264
expires
Fri, 05 Jan 2024 05:25:33 GMT
head_js-modernizr.min.js
www.5.ua/js/core/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/js/core/head_js-modernizr.min.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bed3de8b4f55f925c2cead7b90ed8c50ee72259f9d1ce50aa466ba33ae459a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2017 14:25:35 GMT
server
cloudflare
age
439
etag
W/"588a06df-3f51"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb45ef49bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
gtm.js
www.googletagmanager.com/ 		140 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2ae1c1855c373ca71a101e03de3e7b7581d7c3174c86b82abdd1c07030a6e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53993
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 05:25:33 GMT
logo-dv.svg
www.5.ua/img/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/img/logo/logo-dv.svg
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073b41d117e725870f33ec4a4f111e1744d17ad9a81c33d98c4c5b1e9469d51e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Sep 2020 13:11:59 GMT
server
cloudflare
age
14062
etag
W/"5f5f6c1f-db6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7849cb463b732bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:12:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 21:12:51 GMT
yii.js
www.5.ua/assets/913ab605/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/assets/913ab605/yii.js?v=1628513928
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Aug 2021 12:58:48 GMT
server
cloudflare
age
5341
etag
W/"61112688-51c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b652bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
jquery-ui-new.min.js
www.5.ua/js/core/ 		250 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/js/core/jquery-ui-new.min.js?v=1485440735
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9933b17f62ddedcdaadf32e641bf0fdd86fdf822cc055a25c946e4f12b1b9e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 May 2020 13:37:12 GMT
server
cloudflare
age
14063
etag
W/"5eb2bd88-3e742"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b682bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
jquery.plugins.min.js
www.5.ua/js/plugins/ 		72 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9dc4ba428b568043191bc4d1f91daf62168239c8df7c504ff04601373ceb804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 13:45:52 GMT
server
cloudflare
age
14301
etag
W/"5f3e7e90-1209f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b6e2bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
scripts.min.js
www.5.ua/js/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/js/scripts.min.js?v=1617731876
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265423ee2cfae8dbb614d9da1c708ad19b84885d58007d291dfa75db03f4e4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Sep 2021 15:13:15 GMT
server
cloudflare
age
14301
etag
W/"6138d30b-5d42"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b702bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
lazy-scripts.min.js
www.5.ua/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/js/lazy-scripts.min.js?v=1593676928
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47640444bf21fc22987897586f6713c2ed97cf5a83d84ebb74cb9c258029532

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Jul 2020 08:02:08 GMT
server
cloudflare
age
14301
etag
W/"5efd9480-11e3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b722bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
form.min.js
www.5.ua/components/search/ 		1 KB
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/components/search/form.min.js?v=1593676928
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cab79c5160c0c4ef4aea5ee18956bb3626421e6f46da6f9a7d600de6df55d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 13:45:52 GMT
server
cloudflare
age
14301
etag
W/"5f3e7e90-449"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7849cb463b752bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
shareaholic.js
cdn.shareaholic.net/assets/pub/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
111b1b4e4cb34f9149ce09516b6f7b5b9a0299ae59cf38d3d2d32ee8e1f2c563

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN3a2Z0GEooBCiQ4M2QwYzAxYi00ODBmLTRlZDQtOWVkZS1hZGJhM2IyYmMxZTkQqKemy7Oc+wIaBgjNvtmdBiIPMTc4LjE2Mi4yMDkuMTM0KPjPAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkYTBkMTRjZWEtYjA0OS00ZTE2LWE3ZjgtM2Y5ZGViOTVjNjQwGL0hIhgIAhIUY2RzMjg1LmZyOC5od2Nkbi5uZXQ=.vDmOtx6K4tbGtoSQxTB8HpOnfdnmvXD54Panp9zRt7s=
last-modified
Mon, 19 Dec 2022 20:20:18 GMT
server
nginx
x-amz-request-id
THAVY8D7KENN1X71
etag
"e33511561808ca812c76b301b406d103"
x-hw
1672896333.cds051.fr8.hn,1672896333.cds285.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1200, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
4285
x-amz-id-2
9KcPcksUU1jvu0PFPJ/b/5FFoJfsNkPQSSjr2rNTCASnjg/ncBgS7nkk12BNxjniY2EHqQOOiVM=
client.js
cdn.gravitec.net/storage/fc1fa553ef40bf21c0a94cc43f686f04/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/fc1fa553ef40bf21c0a94cc43f686f04/client.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
ee267162b8ba3dfbfbca2551474dc87b93a2b921324e00012e9e2d60e959d370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 24 Nov 2022 09:35:40 GMT
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 09:35:19 GMT
server
nginx
etag
W/"637f3ad7-100fb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
x-proxy-cache
HIT
api
piguiqproxy.com/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://piguiqproxy.com/api
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.5.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
cache-control
no-cache, no-store
x-check
f7783c4c685e7e569eb8f688c0952e22
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
wrapper_hb_313501_8344.js
player.adtcdn.com/prebidlink/464693/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/464693/wrapper_hb_313501_8344.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e591e5f7a56782eb579c38cb1d32f64a51434ee62980a9affb98ef15d9757d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 15:00:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
589
etag
W/"63a1ce11-681"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcUfjjSCJlP%2F7wCpOrKgCrLsHCniqqCXQBONMfGJhs65GbBg0ryP6AN%2FRXZIjnzs9MPoDVK%2FaO6QiT2Ti3mmN3BTifESO13adDQlHtMdsiBo73NusQ9TajAOglbHiXygdSyH%2FJIpDwHqwN%2BoHjGinA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
7849cb465f7e90c7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 05 Jan 2023 05:30:44 GMT
logo-sprite.svg
www.5.ua/img/logo/ 		54 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/img/logo/logo-sprite.svg
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112166bf87184943fc6a4d627efac5445f02670cd4ecf55587f5d67b78986342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Jan 2017 15:03:15 GMT
server
cloudflare
age
14062
etag
W/"58764933-d840"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7849cb465b8d2bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a36debcfaefa0268cdb972291fe5f2055f0737cb6e75a1bbb328a9a306b8f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		277 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb6a1ca26492b388e1be34b834404064c04a6e68c9794d83cfc8b02644d07f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
186fb6f7edbbeda01728ada4652cda14a27340275e0b478485f007d1648cd774

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		722 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6667079de105057ab1cc4e4f7f6610dce15d9d633ed143183f4a207fc4e622aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		416 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0bf270709dbc0062ea29408210510b2aeefc8793434c43b4915986555c44ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffa5d5f02b8706cbf6af9dcd33406dec9ee9006f57ad03912e10bec1d57db747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a9b1d80adb489b4beecb166d05e2360d7dfbd388378c76d0dffb90a80424dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		416 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e793a6d654e64f50d1ee4c5313dd41956781384df5cec39aab09648db4a6766

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		605 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a641707e7fd5f9d5b4f2ecccf2047ba269ba2e5e6b1f0409b8e8705658f7851b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		374 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76daad608660fc47060ac42479b0413c3d211544ad4d77573e6cbf5f3a16fb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		425 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f04d551197e3b098a8216b0a0104037f2a8bc8b4f71bd41181bcd13438bebe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		605 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0c36c4d23c4977b110f998806928dd944fea7594bb7b9b6abfc4a617a8f4c54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f752697bd33df4852991705c94be3069fc954847004ca0b75e514ed597ad44

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo_day.svg
www.5.ua/img/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/img/logo/logo_day.svg
Requested by
Host: www.5.ua
URL: https://www.5.ua/css/styles.min.css?v=1627989472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5020f40820787eb99460bce11732b0120527e85b418fba50ab4c2711c308bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/css/styles.min.css?v=1627989472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Sep 2020 13:03:06 GMT
server
cloudflare
age
2330
etag
W/"5f5f6a0a-db6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7849cb469bd82bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 05 Jan 2024 05:25:33 GMT
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5b62d40921fb76a6a407047dc6438929bb1ef88ce5f6df1195eae119f0385a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cded380ddc97c0b532c85a446c1e30b353ee795ebea0ee20f5e0e5000a1deaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		188 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74234027b67e5fa479110dd5eaa985d791ce841cc9cb6140d8a18574d84d641f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
hbw_master_313501_8344.js
player.adtelligent.com/prebidlink/19362/ 		127 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/wrapper_hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
db6552e1481f39b0457e0abce995fb10a21e98d2196a60f282af71a55245bfc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sat, 07 Jan 2023 05:25:33 GMT
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 15:00:33 GMT
server
nginx
etag
W/"63a1ce11-1fa48"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hb_313501_8344.js
player.adtelligent.com/prebidlink/19362/ 		341 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/464693/wrapper_hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
321611c9a360cfd089537b361f404dbeda4ef6529739ea026685e549161728a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Sat, 07 Jan 2023 05:25:33 GMT
date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 02:11:14 GMT
server
nginx
etag
W/"639147c2-55335"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27560
x-xss-protection
0
server
sffe
etag
"1442 / 758 of 1000 / last-modified: 1672873566"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 Jan 2023 05:25:33 GMT
truncated
/ 		456 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e92189e138b505b27d2f607e14bf62ef2eed575df15f6bbea9fbd8c7bbdb29d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		660 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6016402b22007239e8540542e89bd8b6ada2d113bf70c7c4aa621c16e0bc370c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		268 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca20712fc836ba9d51cb7bc766b1095867f2ebd221e050d8aa79990ff7016444

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb6ea2f92c9e4e38cf818da0d51c84f755200d0e9a8b24f73bde687022ecdd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6ea93782788a35fff8c878d709489ca2c06ec6534cf6b4f211cdc747d49f503

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		359 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7e5cd0998c4a06587d6f3a0f3941380d0c9f7eec7756dd747b36f5f301a4800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		438 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74ad7b4a00b914bdcfc27faefbe0f281a40966d1a152f618fdc776c32a8fcfa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 22:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 04 Jan 2024 22:32:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		79 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.5.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c29d4c97aaf677a43fe03dc371af930afc137361c3544f736572f5a3aa6a7258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 04:27:17 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3497
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 05 Jan 2023 06:27:17 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCD28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f9b321deb4c667aef814da62bb131c7b8d60c668f80014f104906269127059e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76398
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 05 Jan 2023 05:25:34 GMT
main.js
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/ 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
d63e87aa5195c9ece2769af4893b4c07ffc3e59e3f507cd12c664a2c25e9c4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN7a2Z0GEooBCiQyMmJmODc3MC0zZmEwLTRhZjktYjFlZC05ODc5NzU0NGUyMWYQ+Lq3wvm7+wIaBgjOvtmdBiIPMTc4LjE2Mi4yMDkuMTM0KIrQAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNTdiMjdjNTItMWFhMi00NTg2LWFmMDktNWVhYThmNjI5YTcyGP7GAiIYCAISFGNkczIwNi5mcjguaHdjZG4ubmV0.86ttmaJlAKzmoXEw5xqJUamHAbQfjJPf53ukOltIVCM=
last-modified
Mon, 19 Dec 2022 20:19:59 GMT
server
nginx
x-amz-request-id
PAKD9GVGPTREG1NW
etag
"bfbe20460e43896d158d4b21e5c02ca8"
x-hw
1672896334.cds161.fr8.hn,1672896334.cds206.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
41854
x-amz-id-2
UfjmZKB7E9YUrY0vXGV2Q4QFmkUFf7Rkudm6LThhwpl7+eRxcirLt8dDB2kADGk4IpJE000Z+08=
configs
cdn.gravitec.net/sdk/web/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=fc1fa553ef40bf21c0a94cc43f686f04
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fc1fa553ef40bf21c0a94cc43f686f04/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
d33308beb7c8a200679b613f9f773051ce2d2caa68682e77b9eeef0a108a2e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
x-correlation-id
1811b91497c3903ebba3b3bb29923248
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-proxy-cache
MISS
truncated
/ 		588 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6172f3cad225741f89effdf290b37f5d5924d57038ce8ab502a90f703e202a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		588 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d891a3caf07774ba2732761542748e5b125ea5037e0f72d4f8f64ac6cedd161f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		513 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71ddd4b3a6c15a6b8a30ddc48f5653ba474c2d10c0b9b26bfd35bbc0a0971d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
invisible.js
www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 63DB 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdd2462a7e6a563c2ae76814d1c56da9d09bef58adf311992c24ce3001e72c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7849cb480d3f2bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
261394.jpg
www.5.ua/media/pictures/820x546/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/820x546/261394.jpg?t=1672772656
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6a0e36b0064bb755efe9ee17c92d30eb3ed675174cffeddaa3638916d40d1b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68546
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 19:04:23 GMT
server
cloudflare
etag
"63b47c37-10bc2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d5b2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261445.jpg
www.5.ua/media/pictures/300x200/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261445.jpg?t=1672862158
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fdf16b50a43befe14b6cdb650d8be2f4a0d1a56634c3c25044277a2638d9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14325
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 19:56:05 GMT
server
cloudflare
etag
"63b5d9d5-37f5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d622bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261438.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261438.jpg?t=1672856050
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75bab5747f9a43185b53089d94e6c8dac49101ba8990dbd0e63e0a2397e2f2c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6130
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15619
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 18:14:26 GMT
server
cloudflare
etag
"63b5c202-3d03"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d632bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261435.jpg
www.5.ua/media/pictures/300x200/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261435.jpg?t=1672856207
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400402bde3a40d6fc90821288a5ade2ff1b71c4665d2f13371127c9bdfd2818c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6138
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6629
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 17:50:25 GMT
server
cloudflare
etag
"63b5bc61-19e5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d642bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
249966.jpg
www.5.ua/media/pictures/300x200/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/249966.jpg?t=1654108512
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffa92497c29eb27ebe546d02784914a5bc7b64bf60f9e0b55ca80ab98d444bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6138
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8429
cf-bgj
h2pri
last-modified
Wed, 01 Jun 2022 18:35:22 GMT
server
cloudflare
etag
"6297b16a-20ed"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d652bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261394.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261394.jpg?t=1672772656
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e13fd454e6c071720861183e532b67561144df7bb0e28e59739ec051c4b950
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15490
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 19:04:22 GMT
server
cloudflare
etag
"63b47c36-3c82"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d672bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261371.jpg
www.5.ua/media/pictures/300x200/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261371.jpg?t=1672739541
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143dfac0ab8a97ba08efffe750ce2967c8a4662fe4e1a497cf4bbf49ecf92410
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51997
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 09:51:49 GMT
server
cloudflare
etag
"63b3fab5-cb1d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d682bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
260315.jpg
www.5.ua/media/pictures/300x200/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260315.jpg?t=1670575436
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b00ccf044aae1bb4be339db8dadd43c62128bbf075000fc201ca6831db4f2e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14409
cf-bgj
h2pri
last-modified
Fri, 09 Dec 2022 08:44:01 GMT
server
cloudflare
etag
"6392f551-3849"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d6a2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
261222.jpg
www.5.ua/media/pictures/300x200/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261222.jpg?t=1672419098
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b01784b2f43b799631f85f365e988c629911192ba4f5f51c0fffce7198305e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84341
cf-bgj
h2pri
last-modified
Fri, 30 Dec 2022 16:51:22 GMT
server
cloudflare
etag
"63af170a-14975"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d6b2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
249836.jpg
www.5.ua/media/pictures/300x200/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/249836.jpg?t=1653907011
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69482f1320aa5e917d1a6e2762e03bfa8ea305d89f3cdc789f09e265d478cbc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9807
cf-bgj
h2pri
last-modified
Mon, 30 May 2022 10:36:55 GMT
server
cloudflare
etag
"62949e47-264f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d6c2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
251726.jpg
www.5.ua/media/pictures/300x200/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/251726.jpg?t=1657120489
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899bf6a636758055e310b16c4106a15fcf50f266faaec949563b9337528170ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18995
cf-bgj
h2pri
last-modified
Wed, 06 Jul 2022 15:14:56 GMT
server
cloudflare
etag
"62c5a6f0-4a33"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d6e2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
253545.jpg
www.5.ua/media/pictures/300x72/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/253545.jpg?t=1663527628
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f4f2711cd9cfe232637e03be9299e9971057044f20c67761561e6b9e61ad8c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17829
cf-bgj
h2pri
last-modified
Sun, 18 Sep 2022 19:00:24 GMT
server
cloudflare
etag
"63276ac8-45a5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d6f2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
246899.jpg
www.5.ua/media/pictures/300x72/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/246899.jpg?t=1649863318
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b072279843fea14eb7546c14e7eb9aec06120e73403b540d1e7c7b437e28701
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29913
cf-bgj
h2pri
last-modified
Wed, 13 Apr 2022 15:22:08 GMT
server
cloudflare
etag
"6256eaa0-74d9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d702bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
252709.jpg
www.5.ua/media/pictures/300x72/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/252709.jpg?t=1658870352
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6de3ab01c4d07599989eee18a197850eeace64c15a5885223585694aeb5bbf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2330
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6632
cf-bgj
h2pri
last-modified
Tue, 26 Jul 2022 21:19:13 GMT
server
cloudflare
etag
"62e05a51-19e8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d712bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
258941.jpg
www.5.ua/media/pictures/300x200/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/258941.jpg?t=1668112923
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9999ad411c3c768c1fcd883503f22c594b0be2543b2aeb41e127a274d7c0b23
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11277
cf-bgj
h2pri
last-modified
Thu, 10 Nov 2022 20:42:08 GMT
server
cloudflare
etag
"636d6220-2c0d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d722bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
258102.jpg
www.5.ua/media/pictures/300x200/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/258102.jpg?t=1666687078
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5fcc334de21d86975c87945341b213308b4ab023c898e30cc4e1610367a832
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9174
cf-bgj
h2pri
last-modified
Tue, 25 Oct 2022 08:38:02 GMT
server
cloudflare
etag
"6357a06a-23d6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d742bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
260263.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260263.jpg?t=1670506654
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06da7a9bf76208766387ec9e2d7290f00ed980713a9261f3899c4db83e9f9be6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15421
cf-bgj
h2pri
last-modified
Thu, 08 Dec 2022 13:37:39 GMT
server
cloudflare
etag
"6391e8a3-3c3d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d752bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
243705.jpg
www.5.ua/media/pictures/300x200/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/243705.jpg?t=1645975635
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78205c63df7657008d76a98e2b7fa2dce63822da72e3228c97e7633ea82c012a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8446
cf-bgj
h2pri
last-modified
Sun, 27 Feb 2022 15:27:18 GMT
server
cloudflare
etag
"621b9856-20fe"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d762bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
260265.jpg
www.5.ua/media/pictures/300x200/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260265.jpg?t=1670509147
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689ab059779021fa4594ebe3ba0c98fb953bf0d8b54db88e4543573d07fa2852
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3098
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10664
cf-bgj
h2pri
last-modified
Thu, 08 Dec 2022 14:19:11 GMT
server
cloudflare
etag
"6391f25f-29a8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb483d772bd3-FRA
expires
Fri, 05 Jan 2024 05:25:34 GMT
/
ghb.adtelligent.com/geo/ 		158 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e5922df74735bc045193684cf1d9b75c54bfd91368e17cc8b4f70c03c8a1b83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:34 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.5.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.adtelligent.com/adunit/ 		43 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=313501&site_id=8344&full_page_url=https%3A%2F%2Fwww.5.ua%2F&adid=ina8mi.05&features=147488&vpbv=N108&tte=306&lifecycle_tte=757
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:34 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.5.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
config.json
player.adtelligent.com/exchange_rates/313344/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313344/config.json?cb=https%3A%2F%2Fwww.5.ua%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
edede87b870ca9676a30d8ae41df04b9ec8f9dba1eca78ef4fbd4631dfb9caf1

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 07 Jan 2023 05:25:34 GMT
date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
last-modified
Wed, 04 Jan 2023 12:01:18 GMT
server
nginx
etag
W/"63b56a8e-8f6"
content-type
application/json
access-control-allow-origin
https://www.5.ua
cache-control
max-age=172800
x-proxy-cache
HIT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.5.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.5.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
publisher:getClientId
ampcid.google.com/v1/ 		74 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.5.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
e
analytics.shareaholic.com/ 		43 B
375 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.shareaholic.com/e
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.246.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-246-212.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Content-Security-Policy referrer always

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
content-security-policy
referrer always
vary
Origin
content-type
image/gif
access-control-allow-origin
https://www.5.ua
p3p
CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
referer-policy
unsafe-url
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VM275ZDL21&gtm=2oebu0&_p=620216457&_gaz=1&cid=979059416.1672896334&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1672896334&sct=1&seg=0&dl=https%3A%2F%2Fwww.5.ua%2F&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%225%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%22%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%96&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VM275ZDL21&cid=979059416.1672896334&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VM275ZDL21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VM275ZDL21&cid=979059416.1672896334&gtm=2oebu0&aip=1&z=182013224
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f5e21cfdc4ccca93c6b092dfd5a87724.json
www.shareaholic.net/config/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shareaholic.net/config/f5e21cfdc4ccca93c6b092dfd5a87724.json
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.197.98.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-98-98.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e13061977991d82074e14df47e7e097a61c095489c269ae31459aad3e2eeeaa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-client-geo-country
DE,Deutschland
date
Wed, 04 Jan 2023 19:55:37 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0)
x-client-geo-metrocode
content-length
1388
x-client-geo-region
server
nginx
etag
W/"e13061977991d82074e14df47e7e097a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
x-varnish
60340272 53025290
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control
max-age=3, public, must-revalidate
x-client-geo-city
x-client-geo-zip
access-control-max-age
2000
accept-ranges
bytes
access-control-allow-headers
*
x-client-geo-latlong
51.299300,9.491000
ads
securepubads.g.doubleclick.net/gampad/ 		638 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=152465706769297&correlator=1686766712294434&eid=31071160%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=65982531%2Ccatfish_01&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=875629730&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672896334312&lmt=1672896334&dlt=1672896333745&idt=386&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.5.ua%2F&frm=20&vis=1&psz=1600x4826&msz=1600x0&fws=0&ohw=0&ga_vid=979059416.1672896334&ga_sid=1672896334&ga_hid=620216457&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd6c10fd5af6247edf94b7284d28090205bd3080bb704e873904a07681609738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC7F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:34 GMT
expires
Fri, 05 Jan 2024 05:25:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		118 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=152465706769297&correlator=4133562318044117&eid=31071160%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=65982531%2C980x120_Main_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x120%7C970x90%7C728x90&ifi=2&adks=3278753738&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672896334323&lmt=1672896334&dlt=1672896333745&idt=386&adxs=310&adys=136&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.5.ua%2F&frm=20&vis=1&psz=1140x0&msz=1140x0&fws=4&ohw=1600&ga_vid=979059416.1672896334&ga_sid=1672896334&ga_hid=620216457&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ca59279f8617fed8657cb239dcbd0f9a3992c2bcc301c9529177a1f760300ce
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2xh77Yr_wCFamB_QcdxPYA4A&gqi=&layout=/sadbundle/%24csp%253Der3%24/10957452735446956112/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2xh77Yr_wCFamB_QcdxPYA4A&gqi=&layout=/sadbundle/%24csp%253Der3%24/10957452735446956112/index.html
date
Thu, 05 Jan 2023 05:25:34 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43821
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=152465706769297&correlator=3321689609389842&eid=31071160%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=65982531%2C728x90_Main_Mid1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=1341252289&sfv=1-0-40&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672896334327&lmt=1672896334&dlt=1672896333745&idt=386&adxs=276&adys=1892&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.5.ua%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=4&ohw=1600&ga_vid=979059416.1672896334&ga_sid=1672896334&ga_hid=620216457&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f658571a386b04969a3391d09113ba296ea2dcd85fd892eacfecca25235cfb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8361
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csyncs
ghb.adtelligent.com/ 		520 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=575121
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
95b9c3cc697ea943f88df78f92936ce500e82cb34bda409aaa02e0771cc4a2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:34 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.5.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
320
/
ghb.adtelligent.com/v2/auction/ 		886 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
82ceb1d94c4150a7f38a30bf1185d82b08462fd3e9a57adfa41d853011151509

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 05 Jan 2023 05:25:34 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.5.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
296
fastlane.json
fastlane.rubiconproject.com/a/api/ 		340 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=709927c9-98d9-4834-afc9-250fc7ab73ed%5E1&rf=https%3A%2F%2Fwww.5.ua%2F&tg_i.pbadslot=%2F65982531%2F300x600_Other_Right_Top%23div-gpt-ad-1529321293197-0&tk_flint=pbjs_lite_v6.25.4&x_source.tid=30ce76c8-a6b3-4361-ba92-c258638125e8&l_pb_bid_id=6042e7ed1c732b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65982531%2F300x600_Other_Right_Top%23div-gpt-ad-1529321293197-0&slots=1&rand=0.4316421891938833
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2765672186e96fa40ca0c734359f4d21ee0de897f2b9d161f5a29ec45563f83b

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.5.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
340
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
adtelligent-d.openx.net/w/1.0/ 		173 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.5.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30ce76c8-a6b3-4361-ba92-c258638125e8&nocache=1672896334374&gdpr=0&pubcid=709927c9-98d9-4834-afc9-250fc7ab73ed&schain=1.0%2C1!adtelligent.com%2C313501%2C1%2C%2C%2C&aus=300x600%2C300x250&divids=div-gpt-ad-1529321293197-0&aucs=%252F65982531%252F300x600_Other_Right_Top%2523div-gpt-ad-1529321293197-0&auid=541177132
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
56571bc434c5547c702d1121f7817d5600d8077820413fbc9f6bc0dd91119c29

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.5.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.5.ua
date
Thu, 05 Jan 2023 05:25:34 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.5.ua/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.5.ua/ROS?rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.5.u...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.5.ua/ROS?ct=1&r=pbjs&rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...
63 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.5.ua/ROS?ct=1&r=pbjs&rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.5.ua%2F&gdpr=0&e_pubcid=709927c9-98d9-4834-afc9-250fc7ab73ed
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ddcc0abda63c13f38ac75f4aebcc867e7f1e414bdf176822c4f0e997692c2f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 05 Jan 2023 05:25:34 GMT
date
Thu, 05 Jan 2023 05:25:34 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.5.ua
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
63
x-sid
AMS-936

Redirect headers

date
Thu, 05 Jan 2023 05:25:34 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/www.5.ua/ROS?ct=1&r=pbjs&rnd=0.47624764144671183&e=300x250_0%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.5.ua%2F&pbv=6.25.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.5.ua%2F&gdpr=0&e_pubcid=709927c9-98d9-4834-afc9-250fc7ab73ed
access-control-allow-origin
https://www.5.ua
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-936
cygnus
htlb.casalemedia.com/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=863026&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213318c7ead34431%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.5.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.4%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221422b16cae113fc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22863026%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22%2F65982531%2F300x600_Other_Right_Top%23div-gpt-ad-1529321293197-0%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22709927c9-98d9-4834-afc9-250fc7ab73ed%22%7D%5D%7D%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
315cfa74466bcb732d41c03d00e28ab20975ad21d1c64beb59bf9bfcadaadb38

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydr5GTHpd%2Bz4LDz48Kprsr14tcm1Wi0cu066lO%2FKTrPZqd3AoNSMJofPBVEUujIw8HshOBaAWwEFh%2BhkuAVd4W74mt%2BCkLRgB0KV65%2FuH0ji0oB3e4v%2FDmY8WEosrESV66khZQOz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.5.ua
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7849cb4a1bff928d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		339 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48138&zone_id=1882078&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=709927c9-98d9-4834-afc9-250fc7ab73ed%5E1&rf=https%3A%2F%2Fwww.5.ua%2F&tg_i.pbadslot=%2F65982531%2F300x600_Other_Right_Top%23div-gpt-ad-1529321293197-0&tk_flint=pbjs_lite_v6.25.4&x_source.tid=30ce76c8-a6b3-4361-ba92-c258638125e8&l_pb_bid_id=17331f317c02af&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65982531%2F300x600_Other_Right_Top%23div-gpt-ad-1529321293197-0&slots=1&rand=0.8657448330376514
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fa3e13d5cf0d96d1c3bc025a7fe3fb978148ba9b8d61c0752db3360d6665448f

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.5.ua
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
339
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.5.ua
date
Thu, 05 Jan 2023 05:25:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
track.min.js
cdn.gravitec.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.media/track.min.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/fc1fa553ef40bf21c0a94cc43f686f04/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Wed, 05 Apr 2023 05:25:34 GMT
date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 14:51:46 GMT
server
nginx/1.18.0
etag
W/"5dde8d82-11d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7776000
x-proxy-cache
HIT
pica.js
www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/ Frame 63DB 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050fa488a73b6cbccb02d8cbc451e7b71221051eff18afff724d34de8d5a2a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7849cb49ff5b2bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
publisher:getClientId
ampcid.google.de/v1/ 		3 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.5.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
csync
sync.adtelligent.com/ Frame B980
Redirect Chain
  • https://cs.admanmedia.com/981e2a0ec1c40493e59b139b8db4f728.gif?puid=[UID]&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D737612%26extuid%3D%5BUID%5D
  • https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=36be522c-2e72-492a-bd07-772ee3080e08
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=36be522c-2e72-492a-bd07-772ee3080e08
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Thu, 05 Jan 2023 05:25:34 GMT
Etag
8f7ec04b63efbacc
Server
Adtelligent

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:34 GMT
Expires
0
Location
https://sync.adtelligent.com/csync?t=a&ep=737612&extuid=36be522c-2e72-492a-bd07-772ee3080e08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:34 GMT
Server
Adtelligent
Etag
8f7ec04b63efbacc
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
date
Thu, 05 Jan 2023 05:25:34 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 05 Jan 2023 05:25:34 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
track
api.gravitec.media/api/stats/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.gravitec.media/api/stats/track?app_key=fc1fa553ef40bf21c0a94cc43f686f04&user_id=8c1bc5bb-5e8e-4ccc-be80-5dc2db2e6fe2&utmb=343f5b22-1f07-44d8-8f34-29e103ef937d&path=https%3A%2F%2Fwww.5.ua%2F&referrer=
Requested by
Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
209.184.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
x-correlation-id
59e27a044b39bf112441c9f4d66a09ff
x-content-type-options
nosniff
referrer-policy
no-referrer
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1 ; mode=block
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.5.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.5.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=152465706769297&correlator=1567562295323461&eid=31071160%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=65982531%2C300x600_Other_Right_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=4&adks=2279244755&sfv=1-0-40&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Df16ff700f8823051%3AT%3D1672896334%3AS%3DALNI_MaJdVc1BJwHL8EZttvW_60UybYRgA&gpic=UID%3D00000b9d5b30bd78%3AT%3D1672896334%3ART%3D1672896334%3AS%3DALNI_MapLtttJcWEBnoVs8sX4FzN9SUGVA&abxe=1&dt=1672896334537&lmt=1672896334&dlt=1672896333745&idt=386&adxs=1070&adys=438&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.5.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=979059416.1672896334&ga_sid=1672896334&ga_hid=620216457&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
131ec436a287e237bb5f6394e7069c8700869c1bfa302789017b0d12ff0df617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9744
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
7849cb444d9bbb73
www.5.ua/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 63DB 		2 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.5.ua/cdn-cgi/challenge-platform/h/b/cv/result/7849cb444d9bbb73
Requested by
Host: www.5.ua
URL: https://www.5.ua/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1672891200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
br
server
cloudflare
cf-ray
7849cb4c096e2bd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43467952-1&cid=979059416.1672896334&jid=1440891820&gjid=1878748799&_gid=229666254.1672896335&_u=YCDAiEABBAQCAEAAI~&z=606447420
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 05 Jan 2023 05:25:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=620216457&t=pageview&_s=1&dl=https%3A%2F%2Fwww.5.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D0%B9%20%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%225%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%22%20-%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAQCAAAAI~&jid=1440891820&gjid=1878748799&cid=979059416.1672896334&tid=UA-43467952-1&_gid=229666254.1672896335&gtm=2wgbu0TKCD28&cd2=Non-AMP&z=620546349
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 19:42:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34966
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
buttons.js
m9m6e2w5.stackpathcdn.com/v2/bec87dbf/ 		179 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/buttons.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
a22bd8cc9accbe07dd66307949c5afddc184418466293db5b50eb810b721dbd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:34 GMT
content-encoding
gzip
x-sp-metadata
HS256.CN7a2Z0GEooBCiRkZDE3ZWNlNi02ZDI4LTRkODUtYmU1OC1iMTgwY2QyZGVhM2QQ+Lq3wvm7+wIaBgjOvtmdBiIPMTc4LjE2Mi4yMDkuMTM0KIrQAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTJjNjEwMTctNDkxMi00ZjY5LWEzNTQtNDU1YjA3YTQ5NTY0GMqlAiIYCAISFGNkczIzOS5mcjguaHdjZG4ubmV0.cHg6h/tB34ScUU4zYQPJZQV2PKnn6HiDClQqDKIUXFc=
last-modified
Mon, 19 Dec 2022 20:19:59 GMT
server
nginx
x-amz-request-id
THAZ88F81SZNGENN
etag
"2f2ba10bfc6e4ae6b4574df0f3eab8a7"
x-hw
1672896334.cds161.fr8.hn,1672896334.cds239.fr8.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
37578
x-amz-id-2
mHbV3yps1szMCgmHroVBFy2o2H1m36/hdKcTzmXJI7o6YVwzAUZuG8f23cJ4hBCB4u7o8+r3oUs=
partners.js
partner.shareaholic.com/ 		0
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.5.ua%2F&cl=uk&id_sync=ed1acc58-16b3-428c-828e-c44972f6b5fb&pvs=1&site=f5e21cfdc4ccca93c6b092dfd5a87724
Requested by
Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/bec87dbf/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-147-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
vary
Accept-Encoding, User-Agent
p3p
CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43467952-1&cid=979059416.1672896334&jid=1440891820&_u=YCDAiEABBAQCAEAAI~&z=732124097
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43467952-1&cid=979059416.1672896334&jid=1440891820&_u=YCDAiEABBAQCAEAAI~&z=732124097
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE73 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:34 GMT
expires
Fri, 05 Jan 2024 05:25:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6484 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:34 GMT
expires
Fri, 05 Jan 2024 05:25:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/ Frame 5037 		27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746ed51281e3a8b8300f2a6223ca14662cc9fc4d401e467d154c3d6c56aba0dc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
596766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4698
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 07:39:29 GMT
expires
Fri, 29 Dec 2023 07:39:29 GMT
last-modified
Thu, 03 Nov 2022 21:34:32 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame EE73 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY6sBTl-2Y73SF6mD9u8PxO2DgA6ulYSmbqCR_4zgEMnPsqarOBABIKvI8iZglcKmgrAHoAGyisGqAcgBCakCOOe0fYnlqD7gAgCoAwHIA0iqBIUCT9Cdzz14mE8jTRxNcitZv3--VkHEXjBa8yjF3t7sFzcFegyA3SBtVrEt3qUcXs2kl9u5grXt6rKScaL4PmLhj2uE8_ehT6wE7W0zJMl6reMbkBMLdpmNxbR1Sr6riBuV1dbQDOoykhrV42qSUw23qmNj2lQ_1QZkQ9QANqDjsiVh-Tv0H4cG3APpFx3bb-rqJig2xUaSEZyr2MmUnoyh-bc4YsnQjwHWefp2Bgpx6yY1n79VDhLXNPAq2xO26dCllG-TNXtUREQFw7gMqHsT9JAE9eSF36P8iVC2hPAXvTO2rwe-KY8TJoDnRq4kqtkCNvvpDTzR1b5oYJbBRrgiA259BBrZwASj5Ye1pgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtvW-1QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDRuwbSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi02NTc5Mjc2MTU0ODQyNDMxGPuHIQ&sigh=AUkvJIX0SOQ&uach_m=[UACH]&cid=CAQSSwDq26N9Aoko3YbtxLbPMyPYFTIXBoXpsUy1YhIPMHF4Ze1pvoq5ipo9JS3A_av8vY3JAsY3XQ2p0zwViEm3wNQXqSecEXCR04aCFhgBIBM&template_id=419
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame EE73 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:54:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
5440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9534
x-xss-protection
0
server
cafe
etag
3719958914939444779
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:54:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6362 		624 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:35 GMT
expires
Thu, 05 Jan 2023 05:25:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6484 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DefUhvWc6Da3Juc4qFt4JocjSIWfZsLIQvyzLaK7ymBsaT1HEt4qlhrDXz9Rjm-QCpnWbI2LpagRZm7tTMbJk0d1vKE5mUVB3CGhGdW5VwG7Y2O9fubc7dFf9X1QR9sUn7CllzV8hp_LLNwq_Fag8XSdUnfUnURBOxLqNwZInHEfgOzyo&dbm_d=AKAmf-BySrYyuyDaDqquBoT95GDNnjer1zbB3c7tMe6E8udKqj-k89vaJAOh39L1M4XFvKjrtkPDT5VWdLcaje29W_QQsI6NqEMQTpb-ZfT9A6cWwKlpMim_6xaxTtPUxAfEIOspgObSUDZc90wgHX-0-4Je1j0WX2zPU2KQvr1dPjwiq6s6QG1_wURnxVRsxW1HZd6sDSdCXeEHyzVjqIMjlNecyyJ6bD9Z8arrGBcdEdQpWBhG25m-6kqMC4yngGAqdCG7BckHFiASvfGMho18mi89wmzMNtTJx00ueGEHAAu7N-EXo44PoxPZ5D_qsL9Cw4PQhiiym_uNtIFZ10sFs9MJUhFZSau_DNVpqjtMRHaN2O958nhFhTk9APtGwZ73K-2BZQXH9w1q7uWkhZqbykxV5IKBB9HzYdbluVBAAzNcUPPGyX3vd5OmQpvGOmT12045h94QnKMEyuexcovICcvlF_CmJbKz6mN7nF2fiIoItCcqoy-PJVT5gigJY1rnXctk9ZS4WzWo4pN-DPAg6ryeNh9iLDf-sA7nd0HtH6K0PQSgFh3zt9CZlQGL3qgxP4kITS3sGKtO6yIRVPuei9jVBpWf3FZP7nRT5T6LwZzuwMHbnA37YvRB32vkRF5Thlyak7COqPg3lBOaPHGSHHl6KYZGWJ3QD9vNYbjw209ZHrLJkRg2cdw5nUilkIYv1vxgtupiJh90HWFxIAAnc3Gpj3TVDjFDZxrlkrNu1lVkNdheYEcFbqNCzod4WjrA5n5A_Cy0Oa18LAfDfVdMgh1IpJ6GzERgFN914-kImgD8Ji20ZZZjO5J9Bmz92G3-_C8tcFaH5klu9TUUhx_90UZZzCrfjBHFCTrIg2HNX9de649Lj30x6YHtvWgL2sPdXVwLL01DyWjECEdRDXToJ_13o0hSYXDWINpzVC8rxfnzk4u6LkmHYMK7Y0QovSI075nxUybOPeV2GnGHYKilOZq7mAKxGNaf3irCZIiVa_QBK5dvAv17Is0mBiwWrWy2WVNqLtrNS0Berf4DYg2j7KRQfmnFtdV79A_ooDU-3B5G2T87qLNawhwOiF6UtrbWkVCRLANvDlKZfiExTBzYQp_AedTBDfBLjjj4drGsPZVH9tZ4UfFyVUceeMSGxLTH8xf-4yYWclw9XrIaVoCpbIBJAQFOnDwms5Yb8IOlwjaGmVHExSNxnAgwoidKOuqKBwBUeC7UJCCDVZ5MSj2ojXWc0FMrM3gUp5yEGd0UPPG6aCefuSQaQNi2O36RCLIMtP-tnhLle1Oz7mxEJzeZbyk2yDwjbzJzZacV452teSbWtOCrMQ0sK7cV-8praueUbSSezIKh-pWUdRO9hCopMs25mMep5jBgLbZawtSHcwAsUogIVCm-z5U-L2Epb6Ex0ckgtn-k_4s1gklkE8cdk3dvQZqb3Y5Z3LwwsvdrlsGUM4DPzZ2ltNZeihCsYtt3QajjoeWdgX2UAZJtIGJO5fBx3usUkGiUN6FXNEyCQekjswaMnjPHnQM6TRp1Uw_TjWzPVN2BhTFPQTCf-dG-RMmZWkpgNV7nS5e--NGgPU_DrZd2biZdtezUYaYWqZiMogEADep9aGXsQGia4Ykb5WNe7SOCk-NQ5WOmRIirkc-3p8rMokIpX11EluvqgvHsfbvtL8NlEyWDFsRJRQQcs_WkMB-UMGeer8tu8EIYOiXqYRyjFL7YkGS5LPt_GHusQjKo2V6uvLYPFYSBvHCQ1QAyf8se5GvfBqCBsA7DpYWeyklzRHrZjRXIq8p5JkMzcBMEdpJCI1bYVLRXirw097YEJF7Ynf3UoZSu9L5QuKIyvu3xvOuyzElGwmmzWuLrLEwH9Igdawp6I2Ecs-tkY2RUwAEL8-gwb7ZHPYxieZDt26ayvPYFIWV-bLkVWG7MeOwYejpsPvx9Lig8WZjUTtP79d3sMHNCMjiRW659jDTpchqCPKczWdUkRbcdPxz1zLMXtc5eLYuPrPv_k3kyms-aghQpT7RqJ8aYVCdMUZyoC1WUdka_QF5Q9txIKcWixuKLO1BfGD_reX6yfDh6H7oOxk4O7lvsDOuK2OZXq8iUJWnLWqz-ijP3bQHdoG0TAKI8vXw__NjEIry-ywyPoqbWbSDuCee0M3UdYsrGvqvMuep-eO5XdHQxE0FnX9EMtiMLbMnnjBfHMH-iSRV8bgr7YTUn2yH7wlVIL12S14f2JhVeOmWOyvV-SMlvW2-_TtFCKeOi7Db0GnThRL24hpWhamoIiVAVC4yAtNtJGo7Ob-O8NwjAnBhKERxmFMnaMAbhafOJmg7RZ86sv3AYALhWWS85YJKOvgqSbn5Y0Q0CQQQdJjbbt13b-3zItVtNFuAVwRjoMkVop31_YiQ4yP8pMVGjddVsxxx3nyGt0eVA7ZZZwCrkDwCYTob9k3e6ezgL8wBqJ_YiWALyaw6nqFBk89RUCUm9FSUuHhfj2hesc_BB6zSYQakXSyxUoMhLgFoaguub3BRg2I7nhMx-tj1ZA7lMX9QHJ6SjUk6OjiofpUmiNFsD_PKcXWyObTjKlN5ZT1ZwpCZ5AOFJOusCuXIrBFLmwJdcs25xp4BhKaa2DN-DwEXTlNiBA2woF90yzv52M01qD82QFnUAMQoWv4Ivv5sy9W4aHHWYDOb24wTIr0RiH2nVzSGy7ZUNYEYIOrGOvEPbIaNedjHUirO2I8JKNDVlSzViU54pHEgRaN3a2uUSFe02zOBhLtJU1f3qJSOFggJFSmim9F3xV7beHsbyHLujIuKroENGIOJ_hKSxO0H1gL7AUX9yXXM5gVh91i4c3zr-M7isgEZ1RFYtS58Wk4IguvJVUxU5TygLvGgrGfr_KJjjiKgzBlXd9zlb86uI3968U6mpMDHHXtm33JYCKK9SUoqUDTRhZsG5z5u1q-1SE2qEIq-GqNuMHThVly0IDa0Wflg5Jw54b2l_OochJzid8iPhYkOx8CL3X3rz5VuAYXb1JZQ-fcGOSs0PnEW2WsIB15Dwd74-R75_im_eCr_PnnTDPcmLxkydasIGQcHUz-ULttM38yZjy7Rn-mXGMlOszBKILtdd4kp1AZtTnOp-si0ptGO1WnNGDTUxALm1IgBEW6oLV5hY8zD0n7T_qZRlvC2_2TUacBn-qoClqA7YC9ZE2CzBrL-iXZ9IgdDAFoOgLYu5R_ducchJbZ3_YLJK6ZgvwgwxgB24yuAXk6Oyi8j2-iXJuDnZOG5hzi3s4nNbMY6etbp4ERl63Ar3vFVgkzOdtJ9gUC4BJezgHM1ZFJjlqvY_CYkcAtpfeSEkr7zrMIVEpw2FdbDkeGx1KYfMb5WjmWjY6ydBTsYs8po6lD9Sk114vD0qSngmdK16aAQSuCBZCqUS2EMkiuONqhXKgOmM5xGGsoHqBYA95Yp-pisjTh8F-aXj13Om9VLc3SUeW6e985jL00KolSF2K1gZLKfxJrCH1sVCF80g6MRvUeB3X7LOsH--z3uqNa6pg1x3fgGmV_CjdslF4PiK9wnaOtQSkZh56yfPGsSqZbMnjSSrJKzTPoBEhHG_CPyv3nCrk-kTgs3cQwG_t0SPedfQqiSQHdzFSTFxB-KTKo8ZktDywRy4MIAB8V1rgzF6eK__yvw8nPhM1K1dacS74cv4lS49tc6R0DKAeclsI8BgUMuossVHGO09S7Xpxv4Ol8hNAZXsT_I38nNd2oPQqhsqGlpC8HKfwjQW7suWFDRNwwr2WZ5YCTfbaWPnN81LlIE&cid=CAQSTADq26N9Mz8Pj_QrA-n2Lgq9f9Z_LiYcLSNyi32sD_1EnJre3bxmrnNh-5E0h4Y9t5FUgmB9rofn9UbLquRQVFVhRmsQVqB9MFTOrgwYASAT&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffafd090b30d762b825f65e5b3b03fe2255c51ce75276102a663ca09c78fcc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6484 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWjioarDzipC_2WBuFsOkvGknl2_TManl0O14654ua_lBZdD_e_Cvmaol9q785H9RRLdhR5REmvqt-3Q9zse1dW3Noc9i4VKde-LnZKWNE8IsHudM
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6484 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 6484 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6484 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:35 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 954A 		143 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 04:43:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EE73 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame EE73 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5037 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
58394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 05 Jan 2023 13:12:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5037 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
34349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 05 Jan 2023 19:53:06 GMT
4541392b5726d0c4147f539962cfed7d.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/ Frame 5037 		100 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/4541392b5726d0c4147f539962cfed7d.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbfef9828432f23d937b18571a46cf55421c265fdb9026c6ae613707f4e80fa5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Dec 2022 07:39:29 GMT
age
596766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29008
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 21:34:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Dec 2023 07:39:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE73 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:35 GMT
truncated
/ Frame EE73 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c06dcc1b1e303980cf289c2f1206ab4b65031a79e03692b0c44ca77c7bf57a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 954A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:35 GMT
expires
Thu, 05 Jan 2023 05:25:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:35 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 5037 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Amiri:400i
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/4541392b5726d0c4147f539962cfed7d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dab2f72a59de68c07f538afbc78df921e84bf411109eb74b11cbc20e73a624a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 05:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 05:25:35 GMT
0f91d1d5c614fca7a578a00b5143e281.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/media/ Frame 5037 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/media/0f91d1d5c614fca7a578a00b5143e281.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4cc11fbb619afaaa8456ec44c80212912a7df2bb0cac1fabec428adc1183acd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 29 Dec 2022 07:39:29 GMT
x-content-type-options
nosniff
age
596766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 21:34:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Dec 2023 07:39:29 GMT
f9475aed458559c245707511662f5223.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/media/ Frame 5037 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/media/f9475aed458559c245707511662f5223.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10957452735446956112/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e263a0eaa2a7e08db2faae2b2cc983a5cde7c335582abb9262c9e5631401796
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 30 Dec 2022 17:13:05 GMT
x-content-type-options
nosniff
age
475950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7648
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 21:34:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Dec 2023 17:13:05 GMT
rum
dsum-sec.casalemedia.com/ Frame 6362
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEC-znfZxM48vAM9WcJYwoJo&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 6362
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNFIvabCpkeiSe2XR2lbyE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNFIvabCpkeiSe2XR2lbyE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDNFIvabCpkeiSe2XR2lbyE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6362
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEAa2C-QOHl4FAdBWJ9rOIw&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAa2C-QOHl4FAdBWJ9rOIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Protocol
HTTP/1.1
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:35 GMT
AN-X-Request-Uuid
e3ea34ab-6d04-4fee-abc0-c7040d1b0cea
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAa2C-QOHl4FAdBWJ9rOIw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6362
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjj8_zbATAB&v=APEucNUmDljkBU_nB4hGK-cn48K36y3p5Us9jJyeg3S5j8x_oIa68OmtCdBl8qfbWjCBDdX-hwl92GmmVYGqIyRKEYmg4Zcf3qcOTglEfU5NDTisdOBUEo9ldbgaFEE4ubvSudokAInKuHmQI3X2Z_7Li8czuhxtCYTSkoFl7sSdF7_pnOxJs24
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:35 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d85dfde3-6775-4d21-8ad3-7b4582ff7304
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
J7afnpd8CGxBHpUrhLEY6w.woff2
fonts.gstatic.com/s/amiri/v26/ Frame 5037 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/amiri/v26/J7afnpd8CGxBHpUrhLEY6w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Amiri:400i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db8272e285df5c20fa15d48830d6b4bd2feaca2afadc6346e5a9d1731d3fa81b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:15:47 GMT
x-content-type-options
nosniff
age
14988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22396
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:44:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:15:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5037 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Amiri:400i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 05:09:29 GMT
x-content-type-options
nosniff
age
519366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 05:09:29 GMT
truncated
/ Frame 5037 		367 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b2ce30a0fd9179d017e46492fd0603c2842109afdbbf1faf868630d4d9cf40a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6484 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Origin
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 07:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 07:35:20 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame 6484 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DefUhvWc6Da3Juc4qFt4JocjSIWfZsLIQvyzLaK7ymBsaT1HEt4qlhrDXz9Rjm-QCpnWbI2LpagRZm7tTMbJk0d1vKE5mUVB3CGhGdW5VwG7Y2O9fubc7dFf9X1QR9sUn7CllzV8hp_LLNwq_Fag8XSdUnfUnURBOxLqNwZInHEfgOzyo&dbm_d=AKAmf-BySrYyuyDaDqquBoT95GDNnjer1zbB3c7tMe6E8udKqj-k89vaJAOh39L1M4XFvKjrtkPDT5VWdLcaje29W_QQsI6NqEMQTpb-ZfT9A6cWwKlpMim_6xaxTtPUxAfEIOspgObSUDZc90wgHX-0-4Je1j0WX2zPU2KQvr1dPjwiq6s6QG1_wURnxVRsxW1HZd6sDSdCXeEHyzVjqIMjlNecyyJ6bD9Z8arrGBcdEdQpWBhG25m-6kqMC4yngGAqdCG7BckHFiASvfGMho18mi89wmzMNtTJx00ueGEHAAu7N-EXo44PoxPZ5D_qsL9Cw4PQhiiym_uNtIFZ10sFs9MJUhFZSau_DNVpqjtMRHaN2O958nhFhTk9APtGwZ73K-2BZQXH9w1q7uWkhZqbykxV5IKBB9HzYdbluVBAAzNcUPPGyX3vd5OmQpvGOmT12045h94QnKMEyuexcovICcvlF_CmJbKz6mN7nF2fiIoItCcqoy-PJVT5gigJY1rnXctk9ZS4WzWo4pN-DPAg6ryeNh9iLDf-sA7nd0HtH6K0PQSgFh3zt9CZlQGL3qgxP4kITS3sGKtO6yIRVPuei9jVBpWf3FZP7nRT5T6LwZzuwMHbnA37YvRB32vkRF5Thlyak7COqPg3lBOaPHGSHHl6KYZGWJ3QD9vNYbjw209ZHrLJkRg2cdw5nUilkIYv1vxgtupiJh90HWFxIAAnc3Gpj3TVDjFDZxrlkrNu1lVkNdheYEcFbqNCzod4WjrA5n5A_Cy0Oa18LAfDfVdMgh1IpJ6GzERgFN914-kImgD8Ji20ZZZjO5J9Bmz92G3-_C8tcFaH5klu9TUUhx_90UZZzCrfjBHFCTrIg2HNX9de649Lj30x6YHtvWgL2sPdXVwLL01DyWjECEdRDXToJ_13o0hSYXDWINpzVC8rxfnzk4u6LkmHYMK7Y0QovSI075nxUybOPeV2GnGHYKilOZq7mAKxGNaf3irCZIiVa_QBK5dvAv17Is0mBiwWrWy2WVNqLtrNS0Berf4DYg2j7KRQfmnFtdV79A_ooDU-3B5G2T87qLNawhwOiF6UtrbWkVCRLANvDlKZfiExTBzYQp_AedTBDfBLjjj4drGsPZVH9tZ4UfFyVUceeMSGxLTH8xf-4yYWclw9XrIaVoCpbIBJAQFOnDwms5Yb8IOlwjaGmVHExSNxnAgwoidKOuqKBwBUeC7UJCCDVZ5MSj2ojXWc0FMrM3gUp5yEGd0UPPG6aCefuSQaQNi2O36RCLIMtP-tnhLle1Oz7mxEJzeZbyk2yDwjbzJzZacV452teSbWtOCrMQ0sK7cV-8praueUbSSezIKh-pWUdRO9hCopMs25mMep5jBgLbZawtSHcwAsUogIVCm-z5U-L2Epb6Ex0ckgtn-k_4s1gklkE8cdk3dvQZqb3Y5Z3LwwsvdrlsGUM4DPzZ2ltNZeihCsYtt3QajjoeWdgX2UAZJtIGJO5fBx3usUkGiUN6FXNEyCQekjswaMnjPHnQM6TRp1Uw_TjWzPVN2BhTFPQTCf-dG-RMmZWkpgNV7nS5e--NGgPU_DrZd2biZdtezUYaYWqZiMogEADep9aGXsQGia4Ykb5WNe7SOCk-NQ5WOmRIirkc-3p8rMokIpX11EluvqgvHsfbvtL8NlEyWDFsRJRQQcs_WkMB-UMGeer8tu8EIYOiXqYRyjFL7YkGS5LPt_GHusQjKo2V6uvLYPFYSBvHCQ1QAyf8se5GvfBqCBsA7DpYWeyklzRHrZjRXIq8p5JkMzcBMEdpJCI1bYVLRXirw097YEJF7Ynf3UoZSu9L5QuKIyvu3xvOuyzElGwmmzWuLrLEwH9Igdawp6I2Ecs-tkY2RUwAEL8-gwb7ZHPYxieZDt26ayvPYFIWV-bLkVWG7MeOwYejpsPvx9Lig8WZjUTtP79d3sMHNCMjiRW659jDTpchqCPKczWdUkRbcdPxz1zLMXtc5eLYuPrPv_k3kyms-aghQpT7RqJ8aYVCdMUZyoC1WUdka_QF5Q9txIKcWixuKLO1BfGD_reX6yfDh6H7oOxk4O7lvsDOuK2OZXq8iUJWnLWqz-ijP3bQHdoG0TAKI8vXw__NjEIry-ywyPoqbWbSDuCee0M3UdYsrGvqvMuep-eO5XdHQxE0FnX9EMtiMLbMnnjBfHMH-iSRV8bgr7YTUn2yH7wlVIL12S14f2JhVeOmWOyvV-SMlvW2-_TtFCKeOi7Db0GnThRL24hpWhamoIiVAVC4yAtNtJGo7Ob-O8NwjAnBhKERxmFMnaMAbhafOJmg7RZ86sv3AYALhWWS85YJKOvgqSbn5Y0Q0CQQQdJjbbt13b-3zItVtNFuAVwRjoMkVop31_YiQ4yP8pMVGjddVsxxx3nyGt0eVA7ZZZwCrkDwCYTob9k3e6ezgL8wBqJ_YiWALyaw6nqFBk89RUCUm9FSUuHhfj2hesc_BB6zSYQakXSyxUoMhLgFoaguub3BRg2I7nhMx-tj1ZA7lMX9QHJ6SjUk6OjiofpUmiNFsD_PKcXWyObTjKlN5ZT1ZwpCZ5AOFJOusCuXIrBFLmwJdcs25xp4BhKaa2DN-DwEXTlNiBA2woF90yzv52M01qD82QFnUAMQoWv4Ivv5sy9W4aHHWYDOb24wTIr0RiH2nVzSGy7ZUNYEYIOrGOvEPbIaNedjHUirO2I8JKNDVlSzViU54pHEgRaN3a2uUSFe02zOBhLtJU1f3qJSOFggJFSmim9F3xV7beHsbyHLujIuKroENGIOJ_hKSxO0H1gL7AUX9yXXM5gVh91i4c3zr-M7isgEZ1RFYtS58Wk4IguvJVUxU5TygLvGgrGfr_KJjjiKgzBlXd9zlb86uI3968U6mpMDHHXtm33JYCKK9SUoqUDTRhZsG5z5u1q-1SE2qEIq-GqNuMHThVly0IDa0Wflg5Jw54b2l_OochJzid8iPhYkOx8CL3X3rz5VuAYXb1JZQ-fcGOSs0PnEW2WsIB15Dwd74-R75_im_eCr_PnnTDPcmLxkydasIGQcHUz-ULttM38yZjy7Rn-mXGMlOszBKILtdd4kp1AZtTnOp-si0ptGO1WnNGDTUxALm1IgBEW6oLV5hY8zD0n7T_qZRlvC2_2TUacBn-qoClqA7YC9ZE2CzBrL-iXZ9IgdDAFoOgLYu5R_ducchJbZ3_YLJK6ZgvwgwxgB24yuAXk6Oyi8j2-iXJuDnZOG5hzi3s4nNbMY6etbp4ERl63Ar3vFVgkzOdtJ9gUC4BJezgHM1ZFJjlqvY_CYkcAtpfeSEkr7zrMIVEpw2FdbDkeGx1KYfMb5WjmWjY6ydBTsYs8po6lD9Sk114vD0qSngmdK16aAQSuCBZCqUS2EMkiuONqhXKgOmM5xGGsoHqBYA95Yp-pisjTh8F-aXj13Om9VLc3SUeW6e985jL00KolSF2K1gZLKfxJrCH1sVCF80g6MRvUeB3X7LOsH--z3uqNa6pg1x3fgGmV_CjdslF4PiK9wnaOtQSkZh56yfPGsSqZbMnjSSrJKzTPoBEhHG_CPyv3nCrk-kTgs3cQwG_t0SPedfQqiSQHdzFSTFxB-KTKo8ZktDywRy4MIAB8V1rgzF6eK__yvw8nPhM1K1dacS74cv4lS49tc6R0DKAeclsI8BgUMuossVHGO09S7Xpxv4Ol8hNAZXsT_I38nNd2oPQqhsqGlpC8HKfwjQW7suWFDRNwwr2WZ5YCTfbaWPnN81LlIE&cid=CAQSTADq26N9Mz8Pj_QrA-n2Lgq9f9Z_LiYcLSNyi32sD_1EnJre3bxmrnNh-5E0h4Y9t5FUgmB9rofn9UbLquRQVFVhRmsQVqB9MFTOrgwYASAT&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
6418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame 6484 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DefUhvWc6Da3Juc4qFt4JocjSIWfZsLIQvyzLaK7ymBsaT1HEt4qlhrDXz9Rjm-QCpnWbI2LpagRZm7tTMbJk0d1vKE5mUVB3CGhGdW5VwG7Y2O9fubc7dFf9X1QR9sUn7CllzV8hp_LLNwq_Fag8XSdUnfUnURBOxLqNwZInHEfgOzyo&dbm_d=AKAmf-BySrYyuyDaDqquBoT95GDNnjer1zbB3c7tMe6E8udKqj-k89vaJAOh39L1M4XFvKjrtkPDT5VWdLcaje29W_QQsI6NqEMQTpb-ZfT9A6cWwKlpMim_6xaxTtPUxAfEIOspgObSUDZc90wgHX-0-4Je1j0WX2zPU2KQvr1dPjwiq6s6QG1_wURnxVRsxW1HZd6sDSdCXeEHyzVjqIMjlNecyyJ6bD9Z8arrGBcdEdQpWBhG25m-6kqMC4yngGAqdCG7BckHFiASvfGMho18mi89wmzMNtTJx00ueGEHAAu7N-EXo44PoxPZ5D_qsL9Cw4PQhiiym_uNtIFZ10sFs9MJUhFZSau_DNVpqjtMRHaN2O958nhFhTk9APtGwZ73K-2BZQXH9w1q7uWkhZqbykxV5IKBB9HzYdbluVBAAzNcUPPGyX3vd5OmQpvGOmT12045h94QnKMEyuexcovICcvlF_CmJbKz6mN7nF2fiIoItCcqoy-PJVT5gigJY1rnXctk9ZS4WzWo4pN-DPAg6ryeNh9iLDf-sA7nd0HtH6K0PQSgFh3zt9CZlQGL3qgxP4kITS3sGKtO6yIRVPuei9jVBpWf3FZP7nRT5T6LwZzuwMHbnA37YvRB32vkRF5Thlyak7COqPg3lBOaPHGSHHl6KYZGWJ3QD9vNYbjw209ZHrLJkRg2cdw5nUilkIYv1vxgtupiJh90HWFxIAAnc3Gpj3TVDjFDZxrlkrNu1lVkNdheYEcFbqNCzod4WjrA5n5A_Cy0Oa18LAfDfVdMgh1IpJ6GzERgFN914-kImgD8Ji20ZZZjO5J9Bmz92G3-_C8tcFaH5klu9TUUhx_90UZZzCrfjBHFCTrIg2HNX9de649Lj30x6YHtvWgL2sPdXVwLL01DyWjECEdRDXToJ_13o0hSYXDWINpzVC8rxfnzk4u6LkmHYMK7Y0QovSI075nxUybOPeV2GnGHYKilOZq7mAKxGNaf3irCZIiVa_QBK5dvAv17Is0mBiwWrWy2WVNqLtrNS0Berf4DYg2j7KRQfmnFtdV79A_ooDU-3B5G2T87qLNawhwOiF6UtrbWkVCRLANvDlKZfiExTBzYQp_AedTBDfBLjjj4drGsPZVH9tZ4UfFyVUceeMSGxLTH8xf-4yYWclw9XrIaVoCpbIBJAQFOnDwms5Yb8IOlwjaGmVHExSNxnAgwoidKOuqKBwBUeC7UJCCDVZ5MSj2ojXWc0FMrM3gUp5yEGd0UPPG6aCefuSQaQNi2O36RCLIMtP-tnhLle1Oz7mxEJzeZbyk2yDwjbzJzZacV452teSbWtOCrMQ0sK7cV-8praueUbSSezIKh-pWUdRO9hCopMs25mMep5jBgLbZawtSHcwAsUogIVCm-z5U-L2Epb6Ex0ckgtn-k_4s1gklkE8cdk3dvQZqb3Y5Z3LwwsvdrlsGUM4DPzZ2ltNZeihCsYtt3QajjoeWdgX2UAZJtIGJO5fBx3usUkGiUN6FXNEyCQekjswaMnjPHnQM6TRp1Uw_TjWzPVN2BhTFPQTCf-dG-RMmZWkpgNV7nS5e--NGgPU_DrZd2biZdtezUYaYWqZiMogEADep9aGXsQGia4Ykb5WNe7SOCk-NQ5WOmRIirkc-3p8rMokIpX11EluvqgvHsfbvtL8NlEyWDFsRJRQQcs_WkMB-UMGeer8tu8EIYOiXqYRyjFL7YkGS5LPt_GHusQjKo2V6uvLYPFYSBvHCQ1QAyf8se5GvfBqCBsA7DpYWeyklzRHrZjRXIq8p5JkMzcBMEdpJCI1bYVLRXirw097YEJF7Ynf3UoZSu9L5QuKIyvu3xvOuyzElGwmmzWuLrLEwH9Igdawp6I2Ecs-tkY2RUwAEL8-gwb7ZHPYxieZDt26ayvPYFIWV-bLkVWG7MeOwYejpsPvx9Lig8WZjUTtP79d3sMHNCMjiRW659jDTpchqCPKczWdUkRbcdPxz1zLMXtc5eLYuPrPv_k3kyms-aghQpT7RqJ8aYVCdMUZyoC1WUdka_QF5Q9txIKcWixuKLO1BfGD_reX6yfDh6H7oOxk4O7lvsDOuK2OZXq8iUJWnLWqz-ijP3bQHdoG0TAKI8vXw__NjEIry-ywyPoqbWbSDuCee0M3UdYsrGvqvMuep-eO5XdHQxE0FnX9EMtiMLbMnnjBfHMH-iSRV8bgr7YTUn2yH7wlVIL12S14f2JhVeOmWOyvV-SMlvW2-_TtFCKeOi7Db0GnThRL24hpWhamoIiVAVC4yAtNtJGo7Ob-O8NwjAnBhKERxmFMnaMAbhafOJmg7RZ86sv3AYALhWWS85YJKOvgqSbn5Y0Q0CQQQdJjbbt13b-3zItVtNFuAVwRjoMkVop31_YiQ4yP8pMVGjddVsxxx3nyGt0eVA7ZZZwCrkDwCYTob9k3e6ezgL8wBqJ_YiWALyaw6nqFBk89RUCUm9FSUuHhfj2hesc_BB6zSYQakXSyxUoMhLgFoaguub3BRg2I7nhMx-tj1ZA7lMX9QHJ6SjUk6OjiofpUmiNFsD_PKcXWyObTjKlN5ZT1ZwpCZ5AOFJOusCuXIrBFLmwJdcs25xp4BhKaa2DN-DwEXTlNiBA2woF90yzv52M01qD82QFnUAMQoWv4Ivv5sy9W4aHHWYDOb24wTIr0RiH2nVzSGy7ZUNYEYIOrGOvEPbIaNedjHUirO2I8JKNDVlSzViU54pHEgRaN3a2uUSFe02zOBhLtJU1f3qJSOFggJFSmim9F3xV7beHsbyHLujIuKroENGIOJ_hKSxO0H1gL7AUX9yXXM5gVh91i4c3zr-M7isgEZ1RFYtS58Wk4IguvJVUxU5TygLvGgrGfr_KJjjiKgzBlXd9zlb86uI3968U6mpMDHHXtm33JYCKK9SUoqUDTRhZsG5z5u1q-1SE2qEIq-GqNuMHThVly0IDa0Wflg5Jw54b2l_OochJzid8iPhYkOx8CL3X3rz5VuAYXb1JZQ-fcGOSs0PnEW2WsIB15Dwd74-R75_im_eCr_PnnTDPcmLxkydasIGQcHUz-ULttM38yZjy7Rn-mXGMlOszBKILtdd4kp1AZtTnOp-si0ptGO1WnNGDTUxALm1IgBEW6oLV5hY8zD0n7T_qZRlvC2_2TUacBn-qoClqA7YC9ZE2CzBrL-iXZ9IgdDAFoOgLYu5R_ducchJbZ3_YLJK6ZgvwgwxgB24yuAXk6Oyi8j2-iXJuDnZOG5hzi3s4nNbMY6etbp4ERl63Ar3vFVgkzOdtJ9gUC4BJezgHM1ZFJjlqvY_CYkcAtpfeSEkr7zrMIVEpw2FdbDkeGx1KYfMb5WjmWjY6ydBTsYs8po6lD9Sk114vD0qSngmdK16aAQSuCBZCqUS2EMkiuONqhXKgOmM5xGGsoHqBYA95Yp-pisjTh8F-aXj13Om9VLc3SUeW6e985jL00KolSF2K1gZLKfxJrCH1sVCF80g6MRvUeB3X7LOsH--z3uqNa6pg1x3fgGmV_CjdslF4PiK9wnaOtQSkZh56yfPGsSqZbMnjSSrJKzTPoBEhHG_CPyv3nCrk-kTgs3cQwG_t0SPedfQqiSQHdzFSTFxB-KTKo8ZktDywRy4MIAB8V1rgzF6eK__yvw8nPhM1K1dacS74cv4lS49tc6R0DKAeclsI8BgUMuossVHGO09S7Xpxv4Ol8hNAZXsT_I38nNd2oPQqhsqGlpC8HKfwjQW7suWFDRNwwr2WZ5YCTfbaWPnN81LlIE&cid=CAQSTADq26N9Mz8Pj_QrA-n2Lgq9f9Z_LiYcLSNyi32sD_1EnJre3bxmrnNh-5E0h4Y9t5FUgmB9rofn9UbLquRQVFVhRmsQVqB9MFTOrgwYASAT&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11494
x-xss-protection
0
server
cafe
etag
10034648733587439634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6484 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 08:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419326
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:56:49 GMT
truncated
/ Frame 6484 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3af936a2c1852a8798115fe517a17b22c6226ebc964babbd5ce0ba8e81a50033

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 5037 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 92C1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
417587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 09:25:48 GMT
expires
Sun, 31 Dec 2023 09:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
728x090.html
s0.2mdn.net/sadbundle/309242491310178304/ Frame 9DF8 		45 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d775064382a0799231e565c5458e520889294157a736796c9cd6b675c438178a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:35 GMT
expires
Fri, 05 Jan 2024 05:25:35 GMT
last-modified
Wed, 14 Sep 2022 11:47:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxt6OVNrI29u8-4QofURfKw17Cf3fvF5tQld7--Lsz3o1YO8YmM0pIxYIGy_z5dMa4qOQi-e94iX6Ochod2_p-w57097FQ0iYWt_vZVyTBeywLAxLHhnEsBuRDwYoH9RNr6OZvHkwQaNr4vcUv87BoD5qrCkIVOYrPH3h3H5ImbWlZcBiNi6_bJGW_yRELWS_mTrb5p9Aj_Ch_CRocPZKPpQ32hGH2HssgFRZgwCXA3XXLMU9qXYRji1zTueyYdCfGB8PUO_ApMwAly8ACANJm-t7bflG6SEX_k6CECin6Kv0lUgz7n_81mhn4LXXgaRbIRQ4kTPIrtB0K1L9VYh_8vO9Fh-sLfEkZq_uF3geyl84WbQnt-5PBOASsXODlsI3mjiCfaKVFBrHMPogR0B0Qeg58UgcvHvjzNu7E180WKTHULqcUAyIjs0R3Rr_8-VZZCjUWeoPlNJPJTRxJxBUjrtQxcELRFg2wCVnJZCPwzU0HCCDCVOqAqDNO8DMUpLen4u6XCselyjPEaXIoUAWfOIrNSR4vm5ZzJ03v_vvGgtP8sOBVUSZxodlmG9301dLWwqDjN9tIbdfwrL1rHE6JfQYDu1nOctr78TkxiRk5DhmO44zDojZkt3REcrmw901i83JiefeRHXU74gbfZOsq3WVl3HIgWNhJN-avl1bLRJvCf_H67E8Q-70OAFosAod5CDu9V9Hh3bFK0jBHZ863o8P04JJoeR6aj1m7wclYBcjmikydZQdEqZU3VNratxjrFGLqzn9JXy5BQ-2dRe78YPENJGLS-bYMzCkOu76GIkY_z6RqJkQqezUBCc1JTb5TSAFomf901NTNzQP2XZP1Yx8OifDIYG1utEiV_7C5sqnpdppbfl4e7k4oxysBmSEzx7I5xg13kiQ0QZfq3eA-EHIdvUUmxxKy4lA21azsIkwghcSL8vIzFtTxtQBP_WzeMPjNRgsbJ8BL45DI9ygN1BUjO7lBIwx3axl1ENgHadz9H7mGlKxBbT_txKUf2BDgyzzJpod02B5AI-LgHn0N3P6o3VN5lSvTmc5T18ouwrQ4UOpI5_HR2oHqHw3gfT-YE2YpWhoWljDWuse_8NummgVcxyNIgJZxigzEffvRNuhzROEdjMh81iyIS3gfQLwWKw6Euvx8YqHBV7LFUFe1yA2ToWSKaFf3USXu1v95XSVBjMBSLks07XfrnBRVVMGK1eVfXF_unXrdGDLGrAroY-pXFY_tZKHJyna8P1wp3AvV5b8M7-AbSJqpxfEv4lIaKDMSpSuBzU8&sai=AMfl-YSzrHpIbSz7xXbMEFl0kTNHOeSEK8VGDB8Hmvj4E3XQ_P9m8FimvhPMNBpia_qitjgwhCTTkBSeYbegRuAu2yZVsMRjMZ56SnY9IYEUY92vrlrrz8cr7zuettuJSc7-usGER31Fs9kuifesxWKsXzZcdW2FWO_gq4avt_OmyhshLIGt8bN-65M9C_3lwyhcAJUX0OB4YXeDAt5BHz_23g64jwq8rO8vEcYk2Q4iKyZ1ir7qMLCsnhISWqA6vUjY_FKrfX-gzEcOYbi9ndbu8BRWt7JJ66mdIWrAJNAs2A&sig=Cg0ArKJSzJm8Rfew9FfiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=176&cisv=r20230103.55695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:35 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 92C1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 92C1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLdwoT1-2Y_vrBZSU4gGvn7mIAgAAAAA4AeAEAg&bg=!fH-lfzvNAAYDMoyoIzI7ACkAdvg8WqU91wZz1_jlcyy9F--gCPCS9pFpWtxzRQzyiQIwmD1WE-ezUQIAAABFUgAAAAJoAQcKALvEbzCVGGp3KP6tuzpGjcUKJDE7duJnDPCQTGl0YhriQdgrDDZ6pg_W-PJS4mvXxQmzNmVQC67V8pHkfRb1q_KTNuY6eWlh2ygbDPFTrAXBbGZfey5vEFq4YalQg9Dyub-uA49WYOovz6YS5PNLMztCUnGBYJJHqy4Ie1irHvMAREiOdYRfQtodL_FVIDNUcxyYYc4Pyj34yDaY7LBtNtg2ip2XBwm0ep9T3qWLqx-MtJG9MmRk-iS6zfX5mQLYqW5uEFRh_y2ytWTBpVZ_J4NMH7nx1E_4-8tNly9oRx0SohWYAkpCn3qJ1q9fpKAgXZ79FYqEsHBlK8KY8GEsbvu6PTiN_Nw6BT7PGHKrqifgbVlpWqsHRr-C740fgtpEMp5ytRo4to3qmH_RY9Pc7mAb8V822qOUTGGaT8K4ZUgBjq_fOVtgusUjg8DK0Ka7kDXnoyrVWfrsuZl7xupKfYasoKcW3NyKRGC7hkP3sPsdJyi4FMh5W9To1frW8lmix8x22BEK2b1bjO3y2Tqq4K6NTWOLvHErS_hQjHM8cNT-2BsOfyhf2itK_VAkXFqMtbyFld9VclQHSTxGvO6L0-e--pCCAPWVLPQ58QkYdDGnwOEeyg1GKVYfqTJm9L_DVNH8tcnEDfiG_4BhqnVB5OX3MAgHeo1j1XSXSep1spWop1O1b2Euv6AUy9-Wfvi-eZgxOhenMcw69JLlJcjBELXa-qsp5q8UzWVVMqD2QdCSuspb7ninyTOMgYqya1Kv7ITTC4LqfWLFvqq6DvkiLs9MssDUSzCytEZp4gfJZmvFEohcc3qAXnu394ZfWlZoaonUi--JDRJuDw8_OxPEDEqqG0g30DLPzEH4tyVzV98C9mlTxzcrgD5-e-ycYLw3GC0YUGV-W--zsuyIT8CeKKUAMotaEUrI-YRKpZPoGmfCgfM0nxvZIkPYkbbVNzIORPCIa9qn1P_9ft61UrPLZw9e4jzz_9OauN3wnjPH4efN1a93P333SSz4zTeCVzL2cl5qV3NTduZyv7FKJLfQAuc-GMGuGO9V2I47JTO3I4krVG1bmtJYh_94YjcmTL1gaFEy_augmN0APJqLCQZKea7rxMoQubRwe6_ifZ-o7tgqhy0BmI5poEIH0x1Lm2C6TFqSO8R4v7Hb8D0tzK4Z_gR633YpX7ymfJQ_otTPZbLqEXx6W_73YRLwUYYFgyvYP13LOHnautk
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9DF8 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 15:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 15:59:13 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9DF8 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:25:35 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hbw_master_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.5.ua
Date
Thu, 05 Jan 2023 05:25:35 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9DF8 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c1a8a89f2e7c6c3afdbb378254aa8609d205357ae22c52a355171b9c26a510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5913
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6484 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxt6OVNrI29u8-4QofURfKw17Cf3fvF5tQld7--Lsz3o1YO8YmM0pIxYIGy_z5dMa4qOQi-e94iX6Ochod2_p-w57097FQ0iYWt_vZVyTBeywLAxLHhnEsBuRDwYoH9RNr6OZvHkwQaNr4vcUv87BoD5qrCkIVOYrPH3h3H5ImbWlZcBiNi6_bJGW_yRELWS_mTrb5p9Aj_Ch_CRocPZKPpQ32hGH2HssgFRZgwCXA3XXLMU9qXYRji1zTueyYdCfGB8PUO_ApMwAly8ACANJm-t7bflG6SEX_k6CECin6Kv0lUgz7n_81mhn4LXXgaRbIRQ4kTPIrtB0K1L9VYh_8vO9Fh-sLfEkZq_uF3geyl84WbQnt-5PBOASsXODlsI3mjiCfaKVFBrHMPogR0B0Qeg58UgcvHvjzNu7E180WKTHULqcUAyIjs0R3Rr_8-VZZCjUWeoPlNJPJTRxJxBUjrtQxcELRFg2wCVnJZCPwzU0HCCDCVOqAqDNO8DMUpLen4u6XCselyjPEaXIoUAWfOIrNSR4vm5ZzJ03v_vvGgtP8sOBVUSZxodlmG9301dLWwqDjN9tIbdfwrL1rHE6JfQYDu1nOctr78TkxiRk5DhmO44zDojZkt3REcrmw901i83JiefeRHXU74gbfZOsq3WVl3HIgWNhJN-avl1bLRJvCf_H67E8Q-70OAFosAod5CDu9V9Hh3bFK0jBHZ863o8P04JJoeR6aj1m7wclYBcjmikydZQdEqZU3VNratxjrFGLqzn9JXy5BQ-2dRe78YPENJGLS-bYMzCkOu76GIkY_z6RqJkQqezUBCc1JTb5TSAFomf901NTNzQP2XZP1Yx8OifDIYG1utEiV_7C5sqnpdppbfl4e7k4oxysBmSEzx7I5xg13kiQ0QZfq3eA-EHIdvUUmxxKy4lA21azsIkwghcSL8vIzFtTxtQBP_WzeMPjNRgsbJ8BL45DI9ygN1BUjO7lBIwx3axl1ENgHadz9H7mGlKxBbT_txKUf2BDgyzzJpod02B5AI-LgHn0N3P6o3VN5lSvTmc5T18ouwrQ4UOpI5_HR2oHqHw3gfT-YE2YpWhoWljDWuse_8NummgVcxyNIgJZxigzEffvRNuhzROEdjMh81iyIS3gfQLwWKw6Euvx8YqHBV7LFUFe1yA2ToWSKaFf3USXu1v95XSVBjMBSLks07XfrnBRVVMGK1eVfXF_unXrdGDLGrAroY-pXFY_tZKHJyna8P1wp3AvV5b8M7-AbSJqpxfEv4lIaKDMSpSuBzU8&sai=AMfl-YSzrHpIbSz7xXbMEFl0kTNHOeSEK8VGDB8Hmvj4E3XQ_P9m8FimvhPMNBpia_qitjgwhCTTkBSeYbegRuAu2yZVsMRjMZ56SnY9IYEUY92vrlrrz8cr7zuettuJSc7-usGER31Fs9kuifesxWKsXzZcdW2FWO_gq4avt_OmyhshLIGt8bN-65M9C_3lwyhcAJUX0OB4YXeDAt5BHz_23g64jwq8rO8vEcYk2Q4iKyZ1ir7qMLCsnhISWqA6vUjY_FKrfX-gzEcOYbi9ndbu8BRWt7JJ66mdIWrAJNAs2A&sig=Cg0ArKJSzJm8Rfew9FfiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=398&vt=11&dtpt=216&dett=3&cstd=176&cisv=r20230103.55695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44d66ad84a3b4091bf03fd3b3a4ab65c347a999579009153560a09fc448ddcb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11200
x-xss-protection
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9DF8 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:12:33 GMT
x-content-type-options
nosniff
age
782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:27:33 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 9DF8 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:21:40 GMT
x-content-type-options
nosniff
age
235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:36:40 GMT
60005582_20221005064837241_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DF8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221005064837241_ASSET.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7444309426996a119112cf7707e45a9d8852a70f814719567e91875271f731d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 21:39:34 GMT
x-content-type-options
nosniff
age
27961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 13:48:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 21:39:34 GMT
60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DF8 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 17:29:58 GMT
x-content-type-options
nosniff
age
42937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30980
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 17:29:58 GMT
60005582_20221130230911236_728x090_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9DF8 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20221130230911236_728x090_INTRO.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d7cb04e2796f3071c7ec572bc008d069be429f4c7b3ad9f65eeab1743aac8e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 23:01:20 GMT
x-content-type-options
nosniff
age
23055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41096
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 07:09:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 23:01:20 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 9DF8 		43 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354472651_170181287_PO2003A20230101&ref=29072291_4307561_354472651_170181287_PO2003A20230101
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Hesse, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:35 GMT
Last-Modified
Wed, 11 May 2022 05:12:26 GMT
Server
Apache
ETag
"2b-5deb57cb16280"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
43
261394.jpg
www.5.ua/media/pictures/820x546/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/820x546/261394.jpg?t=1672772656
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6a0e36b0064bb755efe9ee17c92d30eb3ed675174cffeddaa3638916d40d1b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68546
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 19:04:23 GMT
server
cloudflare
etag
"63b47c37-10bc2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ecd2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261445.jpg
www.5.ua/media/pictures/300x200/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261445.jpg?t=1672862158
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24fdf16b50a43befe14b6cdb650d8be2f4a0d1a56634c3c25044277a2638d9f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14325
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 19:56:05 GMT
server
cloudflare
etag
"63b5d9d5-37f5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ece2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261438.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261438.jpg?t=1672856050
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75bab5747f9a43185b53089d94e6c8dac49101ba8990dbd0e63e0a2397e2f2c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15619
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 18:14:26 GMT
server
cloudflare
etag
"63b5c202-3d03"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ecf2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261435.jpg
www.5.ua/media/pictures/300x200/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261435.jpg?t=1672856207
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400402bde3a40d6fc90821288a5ade2ff1b71c4665d2f13371127c9bdfd2818c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6139
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6629
cf-bgj
h2pri
last-modified
Wed, 04 Jan 2023 17:50:25 GMT
server
cloudflare
etag
"63b5bc61-19e5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed02bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
249966.jpg
www.5.ua/media/pictures/300x200/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/249966.jpg?t=1654108512
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffa92497c29eb27ebe546d02784914a5bc7b64bf60f9e0b55ca80ab98d444bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
6139
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8429
cf-bgj
h2pri
last-modified
Wed, 01 Jun 2022 18:35:22 GMT
server
cloudflare
etag
"6297b16a-20ed"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed12bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261394.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261394.jpg?t=1672772656
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e13fd454e6c071720861183e532b67561144df7bb0e28e59739ec051c4b950
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15490
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 19:04:22 GMT
server
cloudflare
etag
"63b47c36-3c82"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed22bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261371.jpg
www.5.ua/media/pictures/300x200/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261371.jpg?t=1672739541
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143dfac0ab8a97ba08efffe750ce2967c8a4662fe4e1a497cf4bbf49ecf92410
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51997
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 09:51:49 GMT
server
cloudflare
etag
"63b3fab5-cb1d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed32bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
260315.jpg
www.5.ua/media/pictures/300x200/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260315.jpg?t=1670575436
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b00ccf044aae1bb4be339db8dadd43c62128bbf075000fc201ca6831db4f2e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14409
cf-bgj
h2pri
last-modified
Fri, 09 Dec 2022 08:44:01 GMT
server
cloudflare
etag
"6392f551-3849"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed72bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
261222.jpg
www.5.ua/media/pictures/300x200/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/261222.jpg?t=1672419098
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b01784b2f43b799631f85f365e988c629911192ba4f5f51c0fffce7198305e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84341
cf-bgj
h2pri
last-modified
Fri, 30 Dec 2022 16:51:22 GMT
server
cloudflare
etag
"63af170a-14975"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ed82bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
249836.jpg
www.5.ua/media/pictures/300x200/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/249836.jpg?t=1653907011
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69482f1320aa5e917d1a6e2762e03bfa8ea305d89f3cdc789f09e265d478cbc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9807
cf-bgj
h2pri
last-modified
Mon, 30 May 2022 10:36:55 GMT
server
cloudflare
etag
"62949e47-264f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519eda2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
251726.jpg
www.5.ua/media/pictures/300x200/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/251726.jpg?t=1657120489
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899bf6a636758055e310b16c4106a15fcf50f266faaec949563b9337528170ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3112
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18995
cf-bgj
h2pri
last-modified
Wed, 06 Jul 2022 15:14:56 GMT
server
cloudflare
etag
"62c5a6f0-4a33"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519edd2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
253545.jpg
www.5.ua/media/pictures/300x72/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/253545.jpg?t=1663527628
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f4f2711cd9cfe232637e03be9299e9971057044f20c67761561e6b9e61ad8c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17829
cf-bgj
h2pri
last-modified
Sun, 18 Sep 2022 19:00:24 GMT
server
cloudflare
etag
"63276ac8-45a5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519edf2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
246899.jpg
www.5.ua/media/pictures/300x72/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/246899.jpg?t=1649863318
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b072279843fea14eb7546c14e7eb9aec06120e73403b540d1e7c7b437e28701
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29913
cf-bgj
h2pri
last-modified
Wed, 13 Apr 2022 15:22:08 GMT
server
cloudflare
etag
"6256eaa0-74d9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ee02bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
252709.jpg
www.5.ua/media/pictures/300x72/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x72/252709.jpg?t=1658870352
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6de3ab01c4d07599989eee18a197850eeace64c15a5885223585694aeb5bbf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
2331
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6632
cf-bgj
h2pri
last-modified
Tue, 26 Jul 2022 21:19:13 GMT
server
cloudflare
etag
"62e05a51-19e8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ee22bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
258941.jpg
www.5.ua/media/pictures/300x200/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/258941.jpg?t=1668112923
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9999ad411c3c768c1fcd883503f22c594b0be2543b2aeb41e127a274d7c0b23
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11277
cf-bgj
h2pri
last-modified
Thu, 10 Nov 2022 20:42:08 GMT
server
cloudflare
etag
"636d6220-2c0d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb519ee52bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
258102.jpg
www.5.ua/media/pictures/300x200/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/258102.jpg?t=1666687078
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c5fcc334de21d86975c87945341b213308b4ab023c898e30cc4e1610367a832
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9174
cf-bgj
h2pri
last-modified
Tue, 25 Oct 2022 08:38:02 GMT
server
cloudflare
etag
"6357a06a-23d6"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb51aee72bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
260263.jpg
www.5.ua/media/pictures/300x200/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260263.jpg?t=1670506654
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06da7a9bf76208766387ec9e2d7290f00ed980713a9261f3899c4db83e9f9be6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15421
cf-bgj
h2pri
last-modified
Thu, 08 Dec 2022 13:37:39 GMT
server
cloudflare
etag
"6391e8a3-3c3d"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb51aee92bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
243705.jpg
www.5.ua/media/pictures/300x200/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/243705.jpg?t=1645975635
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78205c63df7657008d76a98e2b7fa2dce63822da72e3228c97e7633ea82c012a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8446
cf-bgj
h2pri
last-modified
Sun, 27 Feb 2022 15:27:18 GMT
server
cloudflare
etag
"621b9856-20fe"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb51aeea2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
260265.jpg
www.5.ua/media/pictures/300x200/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.5.ua/media/pictures/300x200/260265.jpg?t=1670509147
Requested by
Host: www.5.ua
URL: https://www.5.ua/js/plugins/jquery.plugins.min.js?v=1593676928
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689ab059779021fa4594ebe3ba0c98fb953bf0d8b54db88e4543573d07fa2852
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
3099
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10664
cf-bgj
h2pri
last-modified
Thu, 08 Dec 2022 14:19:11 GMT
server
cloudflare
etag
"6391f25f-29a8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7849cb51aeeb2bd3-FRA
expires
Fri, 05 Jan 2024 05:25:35 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 9DF8 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/309242491310178304/728x090.html?e=69&leftOffset=0&topOffset=0&c=Lw1zVz4R8e&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:23:12 GMT
x-content-type-options
nosniff
age
143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:38:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9DF8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:35 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame C9EB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F49B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
24795
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 22:32:20 GMT
expires
Thu, 04 Jan 2024 22:32:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0740 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8fafbf8e0a0e16aa6d3581c7c637441bcbaa6dec85b98b21ea002649ba2bc66a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H9g6sjGbaFA84HNLZ4eYQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-H9g6sjGbaFA84HNLZ4eYQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:35 GMT
expires
Thu, 05 Jan 2023 05:25:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame F49B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0740 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=152465706769297&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F49B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DQRRCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:34 GMT
expires
Fri, 05 Jan 2024 05:25:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 27E8 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B7B4 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuW484OJt4K135l-IChZyvWDma7n2DPVWCfd9TjH4MhzgfpVpkgni8Iv4ATr3CFBi8tj8PrviQthRFCbF0w3b1fWdsKA&cry=1&dbm_d=AKAmf-BJL7ZhBpzGzKMVLpCe3HpgHO3ECDIBGGufiDO4FgKOsbXNsjzR3Bw_Dvhxp84F6RvHQ_dUQAnxZpLm0C_0kHveAedMWOiITeEQiPDe_ivjwHYKsMe8VD81uVxFHXsFALqAk4W_9oatadMKclbYbAj41H07-1IhkKcIT81Ux_UwBnF5VN__hxVMUjZWITa7szE6mKLp6k_EvI6A-nGiju2VT-RUrASbYRIIoLGi1l2R20w2NSNgkK7TpK725YD4T9kt6wgHdeAWM8qyR642VDo3nKfDg8o0Qk5QhddSTDbr8aMNZylhPTqbqhTz764fYdqO6wumqQLzhcr4yUr9wwMH6YlEtew25riUWIWu2iFAZpNwf0ow4Qo0G-EHhWWmNe4r_DyVM2sRLpsgCoQEDBa81OaYyAK6c7R4xk58ZC0ui3G5pN45olPqdfzQridXjfmETZcO84f_ZbunHYNcBDOqhCRpWQ000ypUl6cgFnHxffKk1ZXytVV7iJPQUS6FcrmC1Hu81hltVMwiKCvt9DWoXjOl35q7_32_Vd5NrMOlD-WmIMLKofvSuhxXQGtGzlff7vXSHLB3hTq03uoT9zQvfKLUFP7lUmfpW5TMyEFPyup_-IcvGuQcY0rHKom-nFVdTaOeubCtT2gYJCFve3ObG1QEO3ylIZgLWUPpoA3hokfB3mikRqcqzLjW6uDeciBxKeLtFKfC714b98KmB-e7GSNtA-gkxSR9sbB4TB1hiBBsG_n_XE040PnmZ014x0VIENFzU6NhpTZpRNTCd6DO1xe35acfTVTKe77ZqW-Mh9n1C3dv9yMtDSCCd16t_h93dOwViioIcPw2eGgbqyQVlf6l67vAZD8u2xYhzqGVeh0i37qErNUnDEHa_p0gVnaV7PvoaPxuSoZ36wVl2COjG2dzcRdQAeuAD1_k6anISUtse_ffeZcVFmj8AehMRPTRfNvBd5M6pSmdXXj2wJapW7rivTNwQHRJEdhnFOgUuHRkFhpXNeD8BhBxZb8wuECl5tjEFJstO2T2ShYKDYoAjDhug3I5Tu_i3bNUhbOnt0lu0zhEXLYdkj2XPbnWWH6bRhJu0k-n4qGcDy0Sh820rGpLAQDzMA4XjfezhlqAWp4pyZbTw8LOZ4Nookwu9I1oTDTltjWd5hNegSgMaOICMjQXfEtzi7qm1DD4L5PuRgGotJVonwgNnYTWi60U-ocXvTwIWrzw5jpU50jLT_Jq0BXeocafAvDf_6USV_5_62Jp8ENntq1XfINhWrvFAxyACYOW7SkXxgllbZRiEq1zeZ5oSK4aTtqpGtjPU0HoKLVvR6bwEdu62crHNePnER5Z_6LDLb_jnzhsWwau1_u-Z2wAo6-oKdnlI2aw_Oxv5LRR6JVvkh3iAmBtAzpNe8a_mQs6bk_sq95bilJr2UW-PVMM_bz5_n9KTCOfsTklQKH9jZQHabYGw0QYK9EMx3ORppctBSytAua_O_dCPfcu71qk91NOxLVmNBk6pVZYgFnC_6PuTQMLGDZo9agHhocntanrUwv2gN5JNrz4MwWqcggHLPeJObXjPMlg7-ULCNegZdWLsZjxN9p7k2z_05b5tvzY0OfiFjaUs76xZnRQxlrxXwoXzlkHDc8W2FrC3DgsVcPEeLsCln_A8gFjX0xiE35040oATIEHb0JrBdELiVlwwXPPzlehBdjY9TgLjmnj88cYdHRWbSNT39qiuWZabK1VLl5A3DigW4ODI76WWnFREyExQ83xgtOoDGLMykS2c1_za_s78-rMWWs3aANaofSNHzVp-N9NuEehZR30mimvk__XHY94vpzihWKmoJ0Rl_x2I7eWsYeygFFIxb3b1VnvhIswYAyAUBolf6Eo4Lj0VAl_RF58kWiwbV6hdKTl73eZ7DyaagfzaWrdUOe7-MF9X1P3KRVN23ML_M2QAszzqlCyLXbavOVBA7DmTRirME6mPxdPniNOyoODbQr4yU0rq0QeQX0RUv0tHT2vGQ3laOQJhCXeqcHNJbBY7JHe1H7gtVuPIN4FgBV_Eq5fjxgBbJgq6Z8O1v2bNYzPbNalwIo3oV4WW7yGhJniuS0VjoAsbzC9qs0CzODp1AmqvLo1qTD6hLlwSmr9-OPv7_EZgsQAP8mQEHO40GI8knbKQxX1aRPjTtp7EnUY_GOnNAKIYIHCSe-gOkDIDNeHwrBk-Nvmz9M6hHQVR587wDIIBG3dDICjMuOR_jY0un9_RV19BX6wSkyFwqKMHMa8a5Mlo7I7zV3zjdNUXt8Sf83mJZh5xmrmebRyRBbvCmFlzMZDbSNtwOqE131DRbTP6vFCk1HsNq2Y-pHLo6FIfWU4GQSukrT2ucjDKEBSRlgRJ_TF0lepxXSytpl6ErXlMwnEbSsxQfxO7OAhAJiqV0FjVe8V9f6r0rwd_HnO9OijSm5PlwqexD41xwP4FF8niPj9h91s8cBzw0pGC2XG1l1ixfl3xkj-Zr3hJiksjuBIUmKXrb7jER5ErNvHzOWtXRhMFjDKs9ScjDC0a6CnGUPN5D8VfdmUlHHk0o_TKms_iBveXoDvbpeXoWG1BzNNhemM1HnARW5PMDkYLpZkK-0JweZoEeQc05HNWaWBX1JEUh2zZC_qN6Gmi1-qoc-Py692ZJgY9omNmGOiHTxqEdD6Ji8DWI8n5gLQSJqBXXE-dkoekJjYzejt1clwBEFIyCsENwXH3gEasBaqRmJ3KMbXF6TKVzs4K8WJvLPJbF3-oMMHrqTN3cp_4Ett6KJPATbSRjxt_cDPJG0d66BZxoS-g0CD3pDBWtkPVhafoBxfd-SRIRiwFYlOfgcXrVeJ3Qsy5TJc7UIh_epYsqPaTeCRa9SWKX48zWN-D77gG_FahShWtTxjWQDIxJT0ySBmNa8ixXonExj7IbJy680rBlKIAlm93Hp23IgXSfcNGZCrf7plQOWXrGHhIfWj0pPzzFJ17u8OgPDmZQc54_M3LzS_TH4vIIFkD861d0P8TENNoQnT0GrVnk_1rgclDqrkaLUB-SvcWmrwDTQrNQqTi7kFhDEj-P8fz95R2UhRlXcJSdPRDj2sFGwDWBUvf_3WnfnA8bZASqJ1Gw6MM8uniWsAYAwTa6XTGNy8c6ZWvxoEd_jFTUj4IWDFtYzgMNbMCWZ5LE69Z5ajwI_rwV74-J7mEI4X76IUHqZEvCKtC1fM-FeiJrZ9fASiqkpU9JvHJx-Lu4-2wZb43zM7wswtXksZEc8dasCG7cu945OuwTy1v_OIVdlqsKCfNTniYHltNVtiC2t0EMK2WDZM6tIhW289YBkSaLyndASs0jDlpXc-5GqTi4JCxEGdQgUuvAZ8qBkqh824vaYaM_WsLmXNaKXkDvnj64FWu07CzUataB5RuIlK_HP95au0gOGGEVTQ0MVHalp6KgziBdkp6nj0BGgi0eXk7SxSrrnw1GFHv-nV5etXPMz87N6-0tgFUZZTZZLUKLD64etXqeqVcCMXIZRSFu9ci--WkJysJrIO9fu6X0cjju3sD4HTZcMoJE5DvuhKYlbDXMSVPva9rufITpXNOjNPXu5czvWiaCFw5BkB-DVD&cid=CAQSPADq26N92qBf7SwJEcWLOYHY8MJXTm8NDFeQGnGMe5ng0yQSiDjvfmg8t04JvNWQDewc2FjZoo2vgEyg5RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c18a848129cb682032ebdf02af50611e2835901de279b4ddfc014a4675364ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35748
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7B4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CWfRTkuriEbq0W9kBIuQm3mtAgvFdxz-7FwtxZV9Co2VzsRnzM22mK-O0K5OQll7JgtmjXR32pS__QAJ0z64s6xv5QSCdHCJPePQgj6ebi9YUewM0
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame B7B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame B7B4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:46:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
5940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:46:36 GMT
l
www.google.com/ads/measurement/ Frame B7B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQ_4CQB_QYDuiNrlGRuXF8i_8fJ0MwQtHoOOAZv_lj5gd-wOGoxy-1WfpMWGxlmN_yvBHN7wTG6AxvyXrKje89VAEyNg
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7B4 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48184
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672836157132942"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EE73 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5Ig40Bhfhotkyh8Ds2cpxvHrxJ0xEvdPQ7UPawpsHoF-lm7wpuBiIjnkr3M5uOx2ExmOXZZhVohhmMGxpG5RVGYWqWb75fQdH6JvC3RZ7WzLHHXKTbIdXfsFARwaoa3GOY_GIrA&sai=AMfl-YRMNuRX5RH5XV82Ay-wSxVrmfa3LOxhYMBBnoKXAYdjWLXPJbYpaMjQlKJx2o99tZY6R6__rCVsNT-vE-XHinZPXkvTQ6ygJ24Rh93KjIUMN-uAvecgUj_bR8xfaMnm_BycsKYltKpKLhMzMTM&sig=Cg0ArKJSzGJTVGL9DHCLEAE&cid=CAQSSwDq26N9Aoko3YbtxLbPMyPYFTIXBoXpsUy1YhIPMHF4Ze1pvoq5ipo9JS3A_av8vY3JAsY3XQ2p0zwViEm3wNQXqSecEXCR04aCFhgBIBM&id=lidar2&mcvt=1001&p=136,436,226,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3278753738&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896334904&rpt=337&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 27E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 27E8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIXnNLoNHdOpo13jVtIjMHc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 27E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENcvvm-TGv-otj6X2qAZmQg&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENcvvm-TGv-otj6X2qAZmQg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Protocol
HTTP/1.1
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:36 GMT
AN-X-Request-Uuid
d4cbf349-9a0a-425f-8ad3-93fb09e1de64
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENcvvm-TGv-otj6X2qAZmQg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 27E8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXfGl0-zWSISL_eFVfTQAIImdFT1FTyf5Lq8RHxOeAqE8BCEj_Eu_uJ0LbZkCV_z51XIhM2E9ex79MDpHx8w50jeg6izllzai7_nTDYKTOJ96DJHqEdwtdnfwl45PK2VYyb_si71d2dgBzWdW_vdY4doXlOiA6-8aOhDUMgUjCmEelCZ5E
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f64c258d-515e-4544-9ff0-3e0149892f7e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc2NDUwNDI3MDgyMzM1MDcy
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B7B4 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Origin
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 08:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 08:22:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/ Frame B7B4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuW484OJt4K135l-IChZyvWDma7n2DPVWCfd9TjH4MhzgfpVpkgni8Iv4ATr3CFBi8tj8PrviQthRFCbF0w3b1fWdsKA&cry=1&dbm_d=AKAmf-BJL7ZhBpzGzKMVLpCe3HpgHO3ECDIBGGufiDO4FgKOsbXNsjzR3Bw_Dvhxp84F6RvHQ_dUQAnxZpLm0C_0kHveAedMWOiITeEQiPDe_ivjwHYKsMe8VD81uVxFHXsFALqAk4W_9oatadMKclbYbAj41H07-1IhkKcIT81Ux_UwBnF5VN__hxVMUjZWITa7szE6mKLp6k_EvI6A-nGiju2VT-RUrASbYRIIoLGi1l2R20w2NSNgkK7TpK725YD4T9kt6wgHdeAWM8qyR642VDo3nKfDg8o0Qk5QhddSTDbr8aMNZylhPTqbqhTz764fYdqO6wumqQLzhcr4yUr9wwMH6YlEtew25riUWIWu2iFAZpNwf0ow4Qo0G-EHhWWmNe4r_DyVM2sRLpsgCoQEDBa81OaYyAK6c7R4xk58ZC0ui3G5pN45olPqdfzQridXjfmETZcO84f_ZbunHYNcBDOqhCRpWQ000ypUl6cgFnHxffKk1ZXytVV7iJPQUS6FcrmC1Hu81hltVMwiKCvt9DWoXjOl35q7_32_Vd5NrMOlD-WmIMLKofvSuhxXQGtGzlff7vXSHLB3hTq03uoT9zQvfKLUFP7lUmfpW5TMyEFPyup_-IcvGuQcY0rHKom-nFVdTaOeubCtT2gYJCFve3ObG1QEO3ylIZgLWUPpoA3hokfB3mikRqcqzLjW6uDeciBxKeLtFKfC714b98KmB-e7GSNtA-gkxSR9sbB4TB1hiBBsG_n_XE040PnmZ014x0VIENFzU6NhpTZpRNTCd6DO1xe35acfTVTKe77ZqW-Mh9n1C3dv9yMtDSCCd16t_h93dOwViioIcPw2eGgbqyQVlf6l67vAZD8u2xYhzqGVeh0i37qErNUnDEHa_p0gVnaV7PvoaPxuSoZ36wVl2COjG2dzcRdQAeuAD1_k6anISUtse_ffeZcVFmj8AehMRPTRfNvBd5M6pSmdXXj2wJapW7rivTNwQHRJEdhnFOgUuHRkFhpXNeD8BhBxZb8wuECl5tjEFJstO2T2ShYKDYoAjDhug3I5Tu_i3bNUhbOnt0lu0zhEXLYdkj2XPbnWWH6bRhJu0k-n4qGcDy0Sh820rGpLAQDzMA4XjfezhlqAWp4pyZbTw8LOZ4Nookwu9I1oTDTltjWd5hNegSgMaOICMjQXfEtzi7qm1DD4L5PuRgGotJVonwgNnYTWi60U-ocXvTwIWrzw5jpU50jLT_Jq0BXeocafAvDf_6USV_5_62Jp8ENntq1XfINhWrvFAxyACYOW7SkXxgllbZRiEq1zeZ5oSK4aTtqpGtjPU0HoKLVvR6bwEdu62crHNePnER5Z_6LDLb_jnzhsWwau1_u-Z2wAo6-oKdnlI2aw_Oxv5LRR6JVvkh3iAmBtAzpNe8a_mQs6bk_sq95bilJr2UW-PVMM_bz5_n9KTCOfsTklQKH9jZQHabYGw0QYK9EMx3ORppctBSytAua_O_dCPfcu71qk91NOxLVmNBk6pVZYgFnC_6PuTQMLGDZo9agHhocntanrUwv2gN5JNrz4MwWqcggHLPeJObXjPMlg7-ULCNegZdWLsZjxN9p7k2z_05b5tvzY0OfiFjaUs76xZnRQxlrxXwoXzlkHDc8W2FrC3DgsVcPEeLsCln_A8gFjX0xiE35040oATIEHb0JrBdELiVlwwXPPzlehBdjY9TgLjmnj88cYdHRWbSNT39qiuWZabK1VLl5A3DigW4ODI76WWnFREyExQ83xgtOoDGLMykS2c1_za_s78-rMWWs3aANaofSNHzVp-N9NuEehZR30mimvk__XHY94vpzihWKmoJ0Rl_x2I7eWsYeygFFIxb3b1VnvhIswYAyAUBolf6Eo4Lj0VAl_RF58kWiwbV6hdKTl73eZ7DyaagfzaWrdUOe7-MF9X1P3KRVN23ML_M2QAszzqlCyLXbavOVBA7DmTRirME6mPxdPniNOyoODbQr4yU0rq0QeQX0RUv0tHT2vGQ3laOQJhCXeqcHNJbBY7JHe1H7gtVuPIN4FgBV_Eq5fjxgBbJgq6Z8O1v2bNYzPbNalwIo3oV4WW7yGhJniuS0VjoAsbzC9qs0CzODp1AmqvLo1qTD6hLlwSmr9-OPv7_EZgsQAP8mQEHO40GI8knbKQxX1aRPjTtp7EnUY_GOnNAKIYIHCSe-gOkDIDNeHwrBk-Nvmz9M6hHQVR587wDIIBG3dDICjMuOR_jY0un9_RV19BX6wSkyFwqKMHMa8a5Mlo7I7zV3zjdNUXt8Sf83mJZh5xmrmebRyRBbvCmFlzMZDbSNtwOqE131DRbTP6vFCk1HsNq2Y-pHLo6FIfWU4GQSukrT2ucjDKEBSRlgRJ_TF0lepxXSytpl6ErXlMwnEbSsxQfxO7OAhAJiqV0FjVe8V9f6r0rwd_HnO9OijSm5PlwqexD41xwP4FF8niPj9h91s8cBzw0pGC2XG1l1ixfl3xkj-Zr3hJiksjuBIUmKXrb7jER5ErNvHzOWtXRhMFjDKs9ScjDC0a6CnGUPN5D8VfdmUlHHk0o_TKms_iBveXoDvbpeXoWG1BzNNhemM1HnARW5PMDkYLpZkK-0JweZoEeQc05HNWaWBX1JEUh2zZC_qN6Gmi1-qoc-Py692ZJgY9omNmGOiHTxqEdD6Ji8DWI8n5gLQSJqBXXE-dkoekJjYzejt1clwBEFIyCsENwXH3gEasBaqRmJ3KMbXF6TKVzs4K8WJvLPJbF3-oMMHrqTN3cp_4Ett6KJPATbSRjxt_cDPJG0d66BZxoS-g0CD3pDBWtkPVhafoBxfd-SRIRiwFYlOfgcXrVeJ3Qsy5TJc7UIh_epYsqPaTeCRa9SWKX48zWN-D77gG_FahShWtTxjWQDIxJT0ySBmNa8ixXonExj7IbJy680rBlKIAlm93Hp23IgXSfcNGZCrf7plQOWXrGHhIfWj0pPzzFJ17u8OgPDmZQc54_M3LzS_TH4vIIFkD861d0P8TENNoQnT0GrVnk_1rgclDqrkaLUB-SvcWmrwDTQrNQqTi7kFhDEj-P8fz95R2UhRlXcJSdPRDj2sFGwDWBUvf_3WnfnA8bZASqJ1Gw6MM8uniWsAYAwTa6XTGNy8c6ZWvxoEd_jFTUj4IWDFtYzgMNbMCWZ5LE69Z5ajwI_rwV74-J7mEI4X76IUHqZEvCKtC1fM-FeiJrZ9fASiqkpU9JvHJx-Lu4-2wZb43zM7wswtXksZEc8dasCG7cu945OuwTy1v_OIVdlqsKCfNTniYHltNVtiC2t0EMK2WDZM6tIhW289YBkSaLyndASs0jDlpXc-5GqTi4JCxEGdQgUuvAZ8qBkqh824vaYaM_WsLmXNaKXkDvnj64FWu07CzUataB5RuIlK_HP95au0gOGGEVTQ0MVHalp6KgziBdkp6nj0BGgi0eXk7SxSrrnw1GFHv-nV5etXPMz87N6-0tgFUZZTZZLUKLD64etXqeqVcCMXIZRSFu9ci--WkJysJrIO9fu6X0cjju3sD4HTZcMoJE5DvuhKYlbDXMSVPva9rufITpXNOjNPXu5czvWiaCFw5BkB-DVD&cid=CAQSPADq26N92qBf7SwJEcWLOYHY8MJXTm8NDFeQGnGMe5ng0yQSiDjvfmg8t04JvNWQDewc2FjZoo2vgEyg5RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
6419
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/ Frame B7B4 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AuW484OJt4K135l-IChZyvWDma7n2DPVWCfd9TjH4MhzgfpVpkgni8Iv4ATr3CFBi8tj8PrviQthRFCbF0w3b1fWdsKA&cry=1&dbm_d=AKAmf-BJL7ZhBpzGzKMVLpCe3HpgHO3ECDIBGGufiDO4FgKOsbXNsjzR3Bw_Dvhxp84F6RvHQ_dUQAnxZpLm0C_0kHveAedMWOiITeEQiPDe_ivjwHYKsMe8VD81uVxFHXsFALqAk4W_9oatadMKclbYbAj41H07-1IhkKcIT81Ux_UwBnF5VN__hxVMUjZWITa7szE6mKLp6k_EvI6A-nGiju2VT-RUrASbYRIIoLGi1l2R20w2NSNgkK7TpK725YD4T9kt6wgHdeAWM8qyR642VDo3nKfDg8o0Qk5QhddSTDbr8aMNZylhPTqbqhTz764fYdqO6wumqQLzhcr4yUr9wwMH6YlEtew25riUWIWu2iFAZpNwf0ow4Qo0G-EHhWWmNe4r_DyVM2sRLpsgCoQEDBa81OaYyAK6c7R4xk58ZC0ui3G5pN45olPqdfzQridXjfmETZcO84f_ZbunHYNcBDOqhCRpWQ000ypUl6cgFnHxffKk1ZXytVV7iJPQUS6FcrmC1Hu81hltVMwiKCvt9DWoXjOl35q7_32_Vd5NrMOlD-WmIMLKofvSuhxXQGtGzlff7vXSHLB3hTq03uoT9zQvfKLUFP7lUmfpW5TMyEFPyup_-IcvGuQcY0rHKom-nFVdTaOeubCtT2gYJCFve3ObG1QEO3ylIZgLWUPpoA3hokfB3mikRqcqzLjW6uDeciBxKeLtFKfC714b98KmB-e7GSNtA-gkxSR9sbB4TB1hiBBsG_n_XE040PnmZ014x0VIENFzU6NhpTZpRNTCd6DO1xe35acfTVTKe77ZqW-Mh9n1C3dv9yMtDSCCd16t_h93dOwViioIcPw2eGgbqyQVlf6l67vAZD8u2xYhzqGVeh0i37qErNUnDEHa_p0gVnaV7PvoaPxuSoZ36wVl2COjG2dzcRdQAeuAD1_k6anISUtse_ffeZcVFmj8AehMRPTRfNvBd5M6pSmdXXj2wJapW7rivTNwQHRJEdhnFOgUuHRkFhpXNeD8BhBxZb8wuECl5tjEFJstO2T2ShYKDYoAjDhug3I5Tu_i3bNUhbOnt0lu0zhEXLYdkj2XPbnWWH6bRhJu0k-n4qGcDy0Sh820rGpLAQDzMA4XjfezhlqAWp4pyZbTw8LOZ4Nookwu9I1oTDTltjWd5hNegSgMaOICMjQXfEtzi7qm1DD4L5PuRgGotJVonwgNnYTWi60U-ocXvTwIWrzw5jpU50jLT_Jq0BXeocafAvDf_6USV_5_62Jp8ENntq1XfINhWrvFAxyACYOW7SkXxgllbZRiEq1zeZ5oSK4aTtqpGtjPU0HoKLVvR6bwEdu62crHNePnER5Z_6LDLb_jnzhsWwau1_u-Z2wAo6-oKdnlI2aw_Oxv5LRR6JVvkh3iAmBtAzpNe8a_mQs6bk_sq95bilJr2UW-PVMM_bz5_n9KTCOfsTklQKH9jZQHabYGw0QYK9EMx3ORppctBSytAua_O_dCPfcu71qk91NOxLVmNBk6pVZYgFnC_6PuTQMLGDZo9agHhocntanrUwv2gN5JNrz4MwWqcggHLPeJObXjPMlg7-ULCNegZdWLsZjxN9p7k2z_05b5tvzY0OfiFjaUs76xZnRQxlrxXwoXzlkHDc8W2FrC3DgsVcPEeLsCln_A8gFjX0xiE35040oATIEHb0JrBdELiVlwwXPPzlehBdjY9TgLjmnj88cYdHRWbSNT39qiuWZabK1VLl5A3DigW4ODI76WWnFREyExQ83xgtOoDGLMykS2c1_za_s78-rMWWs3aANaofSNHzVp-N9NuEehZR30mimvk__XHY94vpzihWKmoJ0Rl_x2I7eWsYeygFFIxb3b1VnvhIswYAyAUBolf6Eo4Lj0VAl_RF58kWiwbV6hdKTl73eZ7DyaagfzaWrdUOe7-MF9X1P3KRVN23ML_M2QAszzqlCyLXbavOVBA7DmTRirME6mPxdPniNOyoODbQr4yU0rq0QeQX0RUv0tHT2vGQ3laOQJhCXeqcHNJbBY7JHe1H7gtVuPIN4FgBV_Eq5fjxgBbJgq6Z8O1v2bNYzPbNalwIo3oV4WW7yGhJniuS0VjoAsbzC9qs0CzODp1AmqvLo1qTD6hLlwSmr9-OPv7_EZgsQAP8mQEHO40GI8knbKQxX1aRPjTtp7EnUY_GOnNAKIYIHCSe-gOkDIDNeHwrBk-Nvmz9M6hHQVR587wDIIBG3dDICjMuOR_jY0un9_RV19BX6wSkyFwqKMHMa8a5Mlo7I7zV3zjdNUXt8Sf83mJZh5xmrmebRyRBbvCmFlzMZDbSNtwOqE131DRbTP6vFCk1HsNq2Y-pHLo6FIfWU4GQSukrT2ucjDKEBSRlgRJ_TF0lepxXSytpl6ErXlMwnEbSsxQfxO7OAhAJiqV0FjVe8V9f6r0rwd_HnO9OijSm5PlwqexD41xwP4FF8niPj9h91s8cBzw0pGC2XG1l1ixfl3xkj-Zr3hJiksjuBIUmKXrb7jER5ErNvHzOWtXRhMFjDKs9ScjDC0a6CnGUPN5D8VfdmUlHHk0o_TKms_iBveXoDvbpeXoWG1BzNNhemM1HnARW5PMDkYLpZkK-0JweZoEeQc05HNWaWBX1JEUh2zZC_qN6Gmi1-qoc-Py692ZJgY9omNmGOiHTxqEdD6Ji8DWI8n5gLQSJqBXXE-dkoekJjYzejt1clwBEFIyCsENwXH3gEasBaqRmJ3KMbXF6TKVzs4K8WJvLPJbF3-oMMHrqTN3cp_4Ett6KJPATbSRjxt_cDPJG0d66BZxoS-g0CD3pDBWtkPVhafoBxfd-SRIRiwFYlOfgcXrVeJ3Qsy5TJc7UIh_epYsqPaTeCRa9SWKX48zWN-D77gG_FahShWtTxjWQDIxJT0ySBmNa8ixXonExj7IbJy680rBlKIAlm93Hp23IgXSfcNGZCrf7plQOWXrGHhIfWj0pPzzFJ17u8OgPDmZQc54_M3LzS_TH4vIIFkD861d0P8TENNoQnT0GrVnk_1rgclDqrkaLUB-SvcWmrwDTQrNQqTi7kFhDEj-P8fz95R2UhRlXcJSdPRDj2sFGwDWBUvf_3WnfnA8bZASqJ1Gw6MM8uniWsAYAwTa6XTGNy8c6ZWvxoEd_jFTUj4IWDFtYzgMNbMCWZ5LE69Z5ajwI_rwV74-J7mEI4X76IUHqZEvCKtC1fM-FeiJrZ9fASiqkpU9JvHJx-Lu4-2wZb43zM7wswtXksZEc8dasCG7cu945OuwTy1v_OIVdlqsKCfNTniYHltNVtiC2t0EMK2WDZM6tIhW289YBkSaLyndASs0jDlpXc-5GqTi4JCxEGdQgUuvAZ8qBkqh824vaYaM_WsLmXNaKXkDvnj64FWu07CzUataB5RuIlK_HP95au0gOGGEVTQ0MVHalp6KgziBdkp6nj0BGgi0eXk7SxSrrnw1GFHv-nV5etXPMz87N6-0tgFUZZTZZLUKLD64etXqeqVcCMXIZRSFu9ci--WkJysJrIO9fu6X0cjju3sD4HTZcMoJE5DvuhKYlbDXMSVPva9rufITpXNOjNPXu5czvWiaCFw5BkB-DVD&cid=CAQSPADq26N92qBf7SwJEcWLOYHY8MJXTm8NDFeQGnGMe5ng0yQSiDjvfmg8t04JvNWQDewc2FjZoo2vgEyg5RgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.5.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
6418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11494
x-xss-protection
0
server
cafe
etag
10034648733587439634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 03:38:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7B4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 08:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:56:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BD4B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59857
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 12:47:59 GMT
etag
48472445140208031
expires
Thu, 05 Jan 2023 12:47:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B7B4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90672e112681941e0ef68a399b0877553bf02bf6b16d4d15ca1e957a8bb61990

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CA62 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
417588
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 09:25:48 GMT
expires
Sun, 31 Dec 2023 09:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame BD4B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAodL3--01ItoV-Dk415TEI&google_cver=1&google_push=AavPq0PJU6QILCRbteRMHM1k3EllwdJCKrMlYTM_CN1_Plux_eC-Bfhp8SIj3Prz3J9t_gs2hDwgyHkgOPlsfpv7SnUJ1eYxRJ26kmU
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame BD4B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESENxCbcknBUYJjswkj4W1JA8&google_cver=1&google_push=AavPq0OF5uTXcnrKeOw0N1XlYOGMDZpeqPIYjRTFp4pcGYpvvvWOQI7boCM7CMek1722nPuimpBfArjJuvGuS0uoeQlKu1D2xyYb8w
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BD4B 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDjRry2bXGW0AM2h5uaIX70&google_cver=1&google_push=AavPq0PrY5lRGVqz5hLTCJYeLaLIij6fiZ0l6zyR3K7-JhfnbjMZcYMRWLBRvzgoUb-BtloWHZxlxw3NlLdcKs4nUrPkd8aEarGOH1E
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame BD4B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGhabfCdSjTEaBBIqsFB3os&google_cver=1&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTA1MjcyNzg1OTM0MQ%3D%3D&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_Qitj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTA1MjcyNzg1OTM0MQ%3D%3D&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_QitjBvzFYhMPl6pqg
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE4NTAzNTA1MjcyNzg1OTM0MQ%3D%3D&google_push=AavPq0PIlDovEWMc3B4a2Z03mzX1_cgvFXls0ZzUcdbghXLA8v0Z3tSFCa6aYNlhtPvOY_Wm0Osegq9lYA3sL_QitjBvzFYhMPl6pqg
Date
Thu, 05 Jan 2023 05:25:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame BD4B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPWULZQ4dg-3qXEUP5jzwAM&google_cver=1&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0M...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0MRLF4EoNU&google_hm=eS1QSkw4c2F0RTJwSHV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0MRLF4EoNU&google_hm=eS1QSkw4c2F0RTJwSHVlYTl2SkdaYnBVbWxwcjFpRGVYYn5B
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 05 Jan 2023 05:25:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PwR_jl7DcPk1o0VFRCOsga5jqBkRC0s9mx4yKuKC-brZdKi8iM78r7C5IwI1eH4Zu37tSDdD-VKt6ReOeEZk-HK0MRLF4EoNU&google_hm=eS1QSkw4c2F0RTJwSHVlYTl2SkdaYnBVbWxwcjFpRGVYYn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame BD4B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-3544cd3f-0e79-417d-acf9-c80289f78611-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0NbyaUUV7QdZmsVqE59W...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&google_hm=AzVEzT8OeUF9rPnIAon3hhE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&google_hm=AzVEzT8OeUF9rPnIAon3hhE
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0NbyaUUV7QdZmsVqE59W9VtOvm5raQx45p1XDs0u4tBOc9u5IE7_qieOwNXZlweE34gKTLDXo0HYB9bNLex1oC0h4sZU57lQ34&google_hm=AzVEzT8OeUF9rPnIAon3hhE
date
Thu, 05 Jan 2023 05:25:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3544cd3f0e79417dacf9c80289f78611003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame BD4B 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB5dGTbN9aLSFhRN7GnUkIk&google_cver=1&google_push=AavPq0MXxrvEgiPpRfVfUjVEn49BpmgPXHd8JyhIpKw2AD_Emldr4gDrjXR7yIFKnr925MecuRuUNc8uBA0pq17aQ3bOC2uMSNQ-xkI
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BD4B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IA7kkNkLgHRFrYjtg11N5CJ975_KLyXxlkJHM16RllolhSBzqKOzMIlecL3C5NNuteDbVu
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame CA62 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
index.html
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/ Frame 8AB0 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
237292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1679
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Jan 2023 11:30:44 GMT
expires
Tue, 02 Jan 2024 11:30:44 GMT
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B7B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssh-fa5YKgz06ybaCBWIliSzvG8cckyajptoiaTmQzJEXqKpOGHrsnTWOs7ULG4PLfvC_Jbz7TZaOP7u5QHiUELlbtm3tQfYK7fihd-e43wgzp-N61oTXjPOTStGnb1PCeDkkK-C0RmFpAu3XjEiFvOOL3b4wMZnkFsSoIUMw71ogd5716lXzbkTPu-tIib4FQOSPqHkdToNA5zO2tl1HfPzSlhqCZ2kfxTocNRe0tPQG4bh4f73DmIGip3yqqwv7FNChOSxMI4C1KuFU2CdJbdnvybbk5WGRvzGSndz7vv8_O1w74JwSE6om3hgBbRfJVQ9xaFGTdmZwWUOAn4-e7JGzulzk_7QNd-P8c5m0PlQ-Ft6iW4gnO8prR2kuZE2N_Xd9KwVlIqqLY-94gz4yebu2FdedJw0MnZRFP9amj01nDCPjmP3el_qHeON6IF2sQp8hD65D5LlokcjhVqrx5ZpaNw-xdfrwsSYWidMCMpYPjypJ5xzmyPor87tpqw7gpuyWLSEgRqKIfncUNgYzZ8eDS_Wzff63Zw0_BiaHUQg7jIbRrO4Bi-hXEivQV6wS2DOaHHip1pzAaFrO_XBXzcjXHcrQB66y_5gdbnrHgFWV3qXhHB4TFmd0J1uw2VN_6DGMH9CI9eVDBOaj9S41juRxdtgkvsLCI1QYPxRyDVpJ5_U3r12aHjr6GNZ4_hnUgHB9K0bVpTmUuraeNbndB1MkyQiRO1n05adRu4F-bN_VjPUWkLJAD4Oi6WbP4We6wysKUvNsom7xN7Z--FrJw8Bfq8UQSxZAjsddu-Fsx5bqrQ9q1aW1ZGAQN-cD6xuvvWDz8TJOGs-3YjqfatpCUEyb1GLNulHvFgU52g2YNQF-GOw9J2gFwNVnfu61zQIpkMw11DIDlmyJjhV-du1nQvdoJIk72hjSMOXo2AmnjS2CrKvecNMinT114wJRhEt_YuVYOrIcgTuQK2dZoEva5ZODwT9ruNYbb9pqdVuAyLr5tXV0xyd1sloh7C9y_wEPsN1C2jT4QYwyHPgYRBxTcwlMS-24fLtM9JHCis-_diNReaezmb2IX70kQFka1Kl5PxP5XyObpMGrLhU0N5-xz2PFWn9_Q7SqqRnYli2x3f8XI3mkhX9rroqFg8MYeTx3CiQCX1bPKO_kkm2sjmqLYmZt_tr1JwWTHmf8cbcx6Sc_U_jRkB5qzA3XZmyuE9HgtYIjiT4ttvaNF4r5r4TOL840fuMq85YiCvezY1e2afgVqt5tPaUuKCYEEXpQvWKh0N94q_ERnjn_OdOQlBVPIXfNMZHw4epfXd9kxO_ntjZR4DFHCCDruBSBnuLMnDewg6HMqVrwrYTSziqI_rIaYkt4zJ3SsWcUW78A4&sai=AMfl-YRyEKvoMeEg91OBIj_04jJtRek3uoqId74m1ESDptNHstgQcKF4IUb-yiuRvyW0vx0FE7DomHS5xVahVSf7Fu5xy5_MaDU3MRferCMo0hOwko9dImpwDFTgImPm8vSxJxeHIUUi8HvvuZEUIrcUZkcuJkNw8rZX8LPOnWsuCxh-3v5NAB9MbX0vO0IJ10vXtBwyikO85Ev43rXx5y5oe7uVCCYCl_IHXVsRd9cAC72Mth697OT3HAj0JOe1fH1VuTmw4BB_SnNDPA&sig=Cg0ArKJSzDS3ZC8_SxtYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&cbvp=1&cstd=117&cisv=r20230103.30366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 05 Jan 2023 05:25:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:36 GMT
ad.css
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ Frame 8AB0 		1 KB
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ad.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237292
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
465
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:44 GMT
img1.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:44 GMT
x-content-type-options
nosniff
age
237292
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36078
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:44 GMT
img2.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 13:19:51 GMT
x-content-type-options
nosniff
age
57945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45194
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 13:19:51 GMT
img3.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36124
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
img4.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6882
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt1b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5429
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7176
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt2b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3772
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt3.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9401
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt3b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt4.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7513
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
txt4b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7018
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
cta_img1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3710
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
cta_img2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3821
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
logo.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame 8AB0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4246
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8AB0 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Jan 2023 05:25:36 GMT
ad.js
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ Frame 8AB0 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 11:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2735
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 Jan 2024 11:30:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=152465706769297&bg=!ODulO3_NAAYDMoyoIzI7ACkAdvg8Whxz-5AbF5zXdzmBmkAbjj8NgN1XTsE8BG0PlNoykWG32R3Y1wIAAABZUgAAAAJoAQcKAFVTHKp6coBbcWFw-s3tqEbrzws70s_WckrBV78_tOWvw9bizXNj1jXOY8X09ruFU5aB7QsCNj0zginrf-X0bzsMz0i8kW8QcsXxjl92EVNs2uDkjL68mQKMbBJNzrULZPSrbhD4zT6oLfKK_f3kM_sdN9NziQnQf92GASgjllVwUIr9Crdb9cl-LctMvk9OSaaN9cTi30pQYUPsnL134C0vO3PeC2rM7dLOnJPSig1VmwD5a-YO0VL3FASkKYjQbJyaSEklTLnplbB-HIo1ImcmNacMBbC9gQqGsb8kIpbbr-oRPo37wC7gVdHzG5Wvm9x6vPocFkRNZ2wRYrpCcW0A8GHOHf4I5pbdH1FvNml58nWKVskpthNlsxjFrdI91Ce-hkLCqUJB2MzBE4_rFv54foR4nnNdV8DYJ7VnHihyvoij7JOXsbGl4mmb0pNF68hBpoDrEgssxHqEaL2Bbn6ttObs6JcAt34rBDNs65IAMIYq7pYA9mEczVIAYOC1qzNg0G--XPbsyfpI3CqZrz7tkWjGvTungauJ_pi-8Sbt0oXv1zEwkNpcNa2NvEozJ1FB-N33-wGPLGl82iMPe-9OL48unNb5cw-S6RrCK8qlYhy-JYS5Ac1PkBFQLnvnT7Gi-eZqIiqbo6UJO6zL2L4PIgjeRAo8Iiys-m5EYiqZG1KDmWoNkV5RwquQ7lV2w8afekw8hCenlYiXrdLzZ5ql7BbO1LsoGjJOIweeZO1Jwc7L_ZlhqLI4mhMt_zJNpbzotVFdhZyOz307os3vJY95TppRlFVl3ZIEHGWt4uq-lYFPk_E2xitY7GI9ckgHSVfMPBS8Q68rrUDqHrXL4FYmxtb6gKlroMMH1TvUb_ounOVOo2dnIycD-iRPqTiNZ9yHQeAZgOOE7ni3h0fQ_K2S39qssDBTxwJ60CHBiM5GUVKYoAj1YDT2ZwbfCzhg1qfFgIe2U_zXT585U7MtnPKXCVU75A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA62 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFe4wUF-2Y6ahD8GQ3gO6jpO4BwAAAAA4AeAEAg&bg=!CgmlCU3NAAYDMoyoIzI7ACkAdvg8WnHjej9D_E-S5Q-KOquLmd4rMKllIxl9o0G3sc_Bk7uNHSmd6AIAAABqUgAAAAJoAQeZAuuLeDu1pLY9nUNTq3QveoTNghlYK55samEfWgW-cj7FRX_aSFPoWYabF4XAzhAMa4czQRORi3fPu-fZuN1fsV-KQ4ZeSqJf71z1_njvI61Zk8MfegLUy24F0X7w3cfk6ThqOLNmABWlK-C-easy_JGY0p_evIUeop1ZDn3EW44f-JOn-U4SKqWHZ243ReSA-4V2rNWUaZ1TpPvdWKnCDCzkQ-cA6M-MSgCeD5cdui3LZV1SMANmx-ZJVO7yTVexibRh7s0TpjPRgemwQgYJnj-UElEVJIToNgc8ATo5dqO9ywdrBSryRQxv_adZScuLdhneyLsKforFns-HkFAqNKtuyVr36R1dO8DG1so-w-uCK-njE4_KtcXzaZElI1XjZ5Q0xMLnQ_XP71Ec23u4rq-X5sbIL-e2qOsZDZ7hf0r_fgioO9T9mW1Mn8pYzaLettzD2FZXDus3bspu8fBatcItwFT54r_nDb8xFvBCIlGDoDLThF3P4Oy891-p6zn-J4CMo3sWm1j2dzwSZUitJlKn8l6yKaEPGknfKRZakfg0FGOkHxi2-4kBuwnqw6_x1fMoG1q1hwdihZA8jeTkJszZTe1p8zi7k4CtTn9oXqFHyxnQibXtvP-A_taGNqJSi04I06xeH31QIkuzhtT07uW8TcDthFmKH4gb_hk2TNwc1CWFMpDq5KSEr03csnmyVpnkUEQiSiFAOQzJoTniW9SBGG96wprFQoYkj4wueonSYO7g8jRP5gEN8DlSrFaN108zeH8GJm7SitwrqUM4aQyWnzskMqpJxW-2YYmmRxHiB1SbnEbTd3yp4DhHJYzEDTE0sW4VvdOcBidj5CoQ-Car1qPID5Zc0JRUMQ_cZUXawNlOPBydXhMNONLlBnG9Lxp-1wjc3HCHL6YbbQm3cOgAbyMG_h7aUzickXVb26y_39q3EgUQYrEcqnkTi1Dx-7N_-e8Dd8KmBfwtfbPWwYJWnD_tQv0VD1pLcNU
Requested by
Host: f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
URL: https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssh-fa5YKgz06ybaCBWIliSzvG8cckyajptoiaTmQzJEXqKpOGHrsnTWOs7ULG4PLfvC_Jbz7TZaOP7u5QHiUELlbtm3tQfYK7fihd-e43wgzp-N61oTXjPOTStGnb1PCeDkkK-C0RmFpAu3XjEiFvOOL3b4wMZnkFsSoIUMw71ogd5716lXzbkTPu-tIib4FQOSPqHkdToNA5zO2tl1HfPzSlhqCZ2kfxTocNRe0tPQG4bh4f73DmIGip3yqqwv7FNChOSxMI4C1KuFU2CdJbdnvybbk5WGRvzGSndz7vv8_O1w74JwSE6om3hgBbRfJVQ9xaFGTdmZwWUOAn4-e7JGzulzk_7QNd-P8c5m0PlQ-Ft6iW4gnO8prR2kuZE2N_Xd9KwVlIqqLY-94gz4yebu2FdedJw0MnZRFP9amj01nDCPjmP3el_qHeON6IF2sQp8hD65D5LlokcjhVqrx5ZpaNw-xdfrwsSYWidMCMpYPjypJ5xzmyPor87tpqw7gpuyWLSEgRqKIfncUNgYzZ8eDS_Wzff63Zw0_BiaHUQg7jIbRrO4Bi-hXEivQV6wS2DOaHHip1pzAaFrO_XBXzcjXHcrQB66y_5gdbnrHgFWV3qXhHB4TFmd0J1uw2VN_6DGMH9CI9eVDBOaj9S41juRxdtgkvsLCI1QYPxRyDVpJ5_U3r12aHjr6GNZ4_hnUgHB9K0bVpTmUuraeNbndB1MkyQiRO1n05adRu4F-bN_VjPUWkLJAD4Oi6WbP4We6wysKUvNsom7xN7Z--FrJw8Bfq8UQSxZAjsddu-Fsx5bqrQ9q1aW1ZGAQN-cD6xuvvWDz8TJOGs-3YjqfatpCUEyb1GLNulHvFgU52g2YNQF-GOw9J2gFwNVnfu61zQIpkMw11DIDlmyJjhV-du1nQvdoJIk72hjSMOXo2AmnjS2CrKvecNMinT114wJRhEt_YuVYOrIcgTuQK2dZoEva5ZODwT9ruNYbb9pqdVuAyLr5tXV0xyd1sloh7C9y_wEPsN1C2jT4QYwyHPgYRBxTcwlMS-24fLtM9JHCis-_diNReaezmb2IX70kQFka1Kl5PxP5XyObpMGrLhU0N5-xz2PFWn9_Q7SqqRnYli2x3f8XI3mkhX9rroqFg8MYeTx3CiQCX1bPKO_kkm2sjmqLYmZt_tr1JwWTHmf8cbcx6Sc_U_jRkB5qzA3XZmyuE9HgtYIjiT4ttvaNF4r5r4TOL840fuMq85YiCvezY1e2afgVqt5tPaUuKCYEEXpQvWKh0N94q_ERnjn_OdOQlBVPIXfNMZHw4epfXd9kxO_ntjZR4DFHCCDruBSBnuLMnDewg6HMqVrwrYTSziqI_rIaYkt4zJ3SsWcUW78A4&sai=AMfl-YRyEKvoMeEg91OBIj_04jJtRek3uoqId74m1ESDptNHstgQcKF4IUb-yiuRvyW0vx0FE7DomHS5xVahVSf7Fu5xy5_MaDU3MRferCMo0hOwko9dImpwDFTgImPm8vSxJxeHIUUi8HvvuZEUIrcUZkcuJkNw8rZX8LPOnWsuCxh-3v5NAB9MbX0vO0IJ10vXtBwyikO85Ev43rXx5y5oe7uVCCYCl_IHXVsRd9cAC72Mth697OT3HAj0JOe1fH1VuTmw4BB_SnNDPA&sig=Cg0ArKJSzDS3ZC8_SxtYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&vt=11&dtpt=149&dett=3&cstd=117&cisv=r20230103.30366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.5.ua
URL: https://www.5.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.20.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s28-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 05 Jan 2023 05:25:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B7B4 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50adb0800ba9174f82c095739bbafc775783b74a40922072b226c076c9120a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5723
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B7B4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 05:25:36 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame B0B7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 03:39:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 03:39:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7B4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-opglDtQElJpeI1Wv392M5K-zWifVZbGLZ4de-7DrqXWNjNhugVm1LekkBLTI17969111pJjVYUCH5mktCt1P54BC4Q__ZV09AO1yL8pky_8lu__P01FZfgkeZn2GC1u_qgzr4g&sai=AMfl-YSo2MmHc7zQKvwpyg1VUQK_Jq1bv5GZYJXoZoxj7Y1TasZvjxkhRhryFkOjYKxchEH32tbJl9MliFceYpSGnGrzfDnjOD4HCszvQHQe2KoMOmd_5iCb0isCo8_9oEM&sig=Cg0ArKJSzLoP6Hu13Af0EAE&cid=CAQSPADq26N92qBf7SwJEcWLOYHY8MJXTm8NDFeQGnGMe5ng0yQSiDjvfmg8t04JvNWQDewc2FjZoo2vgEyg5RgBIBM&id=lidar2&mcvt=1000&p=528,1070,778,1370&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2279244755&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896336188&rpt=168&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.5.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
229993
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.5.ua%2F&domain=www.5.ua&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=nwPne3x6eFlpaFYxNkhldTdKSVBTWmQ2emNBZUgzYnpxY0ptT2NDQWI1V0plaElMTWxWZTIzNjBSeHFCcGdJcXkvV2lVc01TbXRhTTFuMDgxd2VYZE5jaHlRZUNjcEtkVk5BYXA0SFg1VHBTSFNIRVNtdWhiUmFZQ25oQ3...
338 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nwPne3x6eFlpaFYxNkhldTdKSVBTWmQ2emNBZUgzYnpxY0ptT2NDQWI1V0plaElMTWxWZTIzNjBSeHFCcGdJcXkvV2lVc01TbXRhTTFuMDgxd2VYZE5jaHlRZUNjcEtkVk5BYXA0SFg1VHBTSFNIRVNtdWhiUmFZQ25oQ3JqRTQvZGhxYklwS1ZHTnFlNDNnNlhiMFNwUnVHZUJKcnVLdW9SblBYWkJLN1ZFLzBDaUg0eWtqU1lVSVdXTHI1d29RaXVydDQrSUcwSlZzdzdvb0d1S0F0S2d6WnJtN3ZpdG1kTUh1djFXaW9FRFphZm5JPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89237a505eef6e45ad15d518cee96261a72d9e9ceec809f93a834cae6e977352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1109679
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=nwPne3x6eFlpaFYxNkhldTdKSVBTWmQ2emNBZUgzYnpxY0ptT2NDQWI1V0plaElMTWxWZTIzNjBSeHFCcGdJcXkvV2lVc01TbXRhTTFuMDgxd2VYZE5jaHlRZUNjcEtkVk5BYXA0SFg1VHBTSFNIRVNtdWhiUmFZQ25oQ3JqRTQvZGhxYklwS1ZHTnFlNDNnNlhiMFNwUnVHZUJKcnVLdW9SblBYWkJLN1ZFLzBDaUg0eWtqU1lVSVdXTHI1d29RaXVydDQrSUcwSlZzdzdvb0d1S0F0S2d6WnJtN3ZpdG1kTUh1djFXaW9FRFphZm5JPXw&cppv=2
access-control-allow-origin
https://www.5.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
504761
content-length
0
expires
0
prebid
id5-sync.com/api/config/ 		135 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.5.ua
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ixmatch.html
js-sec.indexww.com/um/ Frame F597 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
135
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7849cb5de954bb32-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Thu, 05 Jan 2023 09:25:37 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC55 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35986
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Thu, 05 Jan 2023 15:25:23 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BB60 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Jan 2023 05:25:37 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame 2B64 		666 B
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b24329635f92e0ee4e7588705ad1b33d21c3b38426a096e364fe509a171233ce

Request headers

Referer
https://www.5.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
415
content-type
text/html
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csync
sync.adtelligent.com/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
Protocol
HTTP/1.1
Server
62.149.1.122 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.5.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
Adtelligent
Etag
8f7ec04b63efbacc
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=de3ab0e8-9db0-40ba-a546-c21297bb2987
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c83b2b22008593dcf7dfb48d3b88d909d931caf4089210c8e6fa300d02335d84
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.5.ua
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usermatch
ssum-sec.casalemedia.com/ Frame BF4C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aeba134812f118f4faed4e893ae9a2e26ce39b0befc3f0d40165f1c080637fc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7849cb5e4eccbc03-FRA
content-encoding
br
content-type
text/html
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8ppXqLHWfqSpMCC%2FDMTq7pyNCxwY2thiVc8%2BFk5E9mmu8YxZ52YNWUFVhm3oFuFxcfe9JrZ8eDvqNy%2F9gwnTrkBjVcfBpCZsnVEPtJiogxc5GOsPr7A%2BxXULQQlst9m%2Fcasfy0E7NyzSw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nwPne3x6eFlpaFYxNkhldTdKSVBTWmQ2emNBZUgzYnpxY0ptT2NDQWI1V0plaElMTWxWZTIzNjBSeHFCcGdJcXkvV2lVc01TbXRhTTFuMDgxd2VYZE5jaHlRZUNjcEtkVk5BYXA0SFg1VHBTSFNIRVNtdWhiUmFZQ25oQ3JqRTQvZGhxYklwS1ZHTnFlNDNnNlhiMFNwUnVHZUJKcnVLdW9SblBYWkJLN1ZFLzBDaUg0eWtqU1lVSVdXTHI1d29RaXVydDQrSUcwSlZzdzdvb0d1S0F0S2d6WnJtN3ZpdG1kTUh1djFXaW9FRFphZm5JPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
379278
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame BB60 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 05 Jan 2023 05:25:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 21:35:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58197
Connection
keep-alive
Content-Length
10067
Expires
Thu, 05 Jan 2023 21:35:34 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CC55 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94898794&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bba340f6477b7ec64be147cd5ef2675a36457ab1dd5f311c23ff03221630c4be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
eu-u.openx.net/w/1.0/ Frame 2B64
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 05 Jan 2023 05:25:36 GMT
sd
us-u.openx.net/w/1.0/ Frame 2B64
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5tY9vOWDarv9hGnu4tJy77OAPLL90m28stIFnJWZ
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5tY9vOWDarv9hGnu4tJy77OAPLL90m28stIFnJWZ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=5tY9vOWDarv9hGnu4tJy77OAPLL90m28stIFnJWZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 2B64
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=317197294686922848
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=317197294686922848
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=317197294686922848
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 2B64 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a3351890-315e-77c3-f51f-ede7a38c4010&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2B64 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGY1YWNiNWEtZjgyOS0yOTY3LWUwZmYtYjc1ZTY5NmU4ZTcw
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2B64
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj2COr9ipjTdGvPGY6oCZk&google_cver=1
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj2COr9ipjTdGvPGY6oCZk&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj2COr9ipjTdGvPGY6oCZk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
692.json
id5-sync.com/g/v2/ 		216 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/19362/hb_313501_8344.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
7d0bd335baa0f49740ae7952289045cac345a20972dc7a9ffe0790f8dad519c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.5.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.5.ua
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
dcm
s.amazon-adsystem.com/ Frame BF4C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D9GXNEBYKG11D73D6HAY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XW4KTEJXM1MMRGVBE8JM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BF4C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y7ZfTxeSYUWkX5XdL8vMqgAABKgAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBuEim-Ue01VhB-FbLLl44&google_cver=1
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBuEim-Ue01VhB-FbLLl44&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgHFbCYznhPPHsc1f84nHC7ZJI4w3H%2Fhy%2FI9mubA5OmThkzVUOpWt8Mb4Iw8I5nc9kfjbUo3DL%2BVnYn7GygICvnQbeqhzCbxKCBIFO1wrBWZFwfL%2BYD5U7KJ0InvNEGgc9xCfEUKwi5Jpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7849cb5eb8fb699f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELBuEim-Ue01VhB-FbLLl44&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=676450427082335072
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=676450427082335072
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 05 Jan 2023 05:25:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c49e7f2c-8728-49b7-855a-c83c8467884a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=676450427082335072
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688534737&external_user_id=11dfedce-d9e0-4350-95cb-a9adabc07ab4
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688534737&external_user_id=11dfedce-d9e0-4350-95cb-a9adabc07ab4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1688534737&external_user_id=11dfedce-d9e0-4350-95cb-a9adabc07ab4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672982737
43 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672982737
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwiopUtqKRqf%2FBH9ixLspRFllen%2FAWTfQDGfsWCH4n0XeQ8K%2BJMKEgUYlXHrT2mu7NRkN0b7IyWoU5EFnO%2F4%2BI%2BG6FOePPbN%2BT5AiZBKRBC200di1DRw%2Ftrr8TAkp%2BaKMFgQdp%2Bk"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7849cb5f4c1b2c75-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1672982737
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F945E5E7C9014BE5B895748E8E8155E4
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F945E5E7C9014BE5B895748E8E8155E4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=F945E5E7C9014BE5B895748E8E8155E4
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 04 Jan 2023 05:25:37 GMT
crum
dsum-sec.casalemedia.com/ Frame BF4C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame BF4C 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y7ZfTxeSYUWkX5XdL8vMqgAA%261192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.5.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27139
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7849cb5ee8099107-FRA
content-length
43
expires
Fri, 06 Jan 2023 05:25:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FE99
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:37 GMT
Expires
Thu, 05 Jan 2023 05:25:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x28 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 2C10 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Thu, 05 Jan 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
443054
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 506A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5629904225184182919
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5629904225184182919
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5629904225184182919
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3CB9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YKAJX59BTED33BNJ86H7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:37 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
B5C1T5XD82Y50ZHRTJ0B
Pug
simage2.pubmatic.com/AdServer/ Frame 2816
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=676450427082335072&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=676450427082335072&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
b402940c-5a11-4f15-8b94-45de204913cb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:37 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=676450427082335072&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 9117
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
42 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A6D2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035052727859341&gdpr=0&gdpr_consent=
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035052727859341&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:37 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7185035052727859341&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame DA0B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uuFo1HRxRQtssnns_piJSrKi0YY
42 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uuFo1HRxRQtssnns_piJSrKi0YY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 05 Jan 2023 05:25:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=uuFo1HRxRQtssnns_piJSrKi0YY
Pug
image2.pubmatic.com/AdServer/ Frame 5AFE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBdmxVN0hiTDhBQUNGd1JQLTk2QQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAvlU7HbL8AACFwRP-96A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6321717678548239805&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAvlU7HbL8AACFwRP-96A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6321717678548239805%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6321717678548239805&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAAvlU7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAvlU7HbL8AACFwRP-96A&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAvlU7HbL8AACFwRP-96A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 05 Jan 2023 05:25:38 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAvlU7HbL8AACFwRP-96A&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3575
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfUQAAAUuWewAZ&gdpr=0&gdpr_consent=&_test=Y7ZfUQAAAUuWewAZ
1 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfUQAAAUuWewAZ&gdpr=0&gdpr_consent=&_test=Y7ZfUQAAAUuWewAZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 05 Jan 2023 05:25:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y7ZfUQAAAUuWewAZ&gdpr=0&gdpr_consent=&_test=Y7ZfUQAAAUuWewAZ
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1672896338.898639,VS0,VE0
i.match
s.tribalfusion.com/z/ Frame 7615
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849cb601fd32bd2-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7849cb5efe892bd2-FRA
content-type
text/html
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
408
Pug
simage2.pubmatic.com/AdServer/ Frame FE6B
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 05 Jan 2023 05:25:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
generic
match.adsrvr.org/track/cmf/ Frame 8AF6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5558225678
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5558225678
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 05 Jan 2023 05:25:37 GMT
etag
RX3544cd3f0e79417dacf9c80289f78611003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5558225678
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 9B2B 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 05 Jan 2023 05:25:37 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-9cf34409f196@version_1.531
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 9702 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 05 Jan 2023 05:25:38 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
bridge
cm.adgrx.com/ Frame 3D6D 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/ Frame 541D
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
49 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVRgXbnggWTgQSQVj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.186.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-186-27.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Thu, 05 Jan 2023 05:25:37 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.25.164

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVRgXbnggWTgQSQVj
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JELlq-8KSqSrelscxjnxNw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.203.124.192 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=35986
accept-ranges
bytes
content-length
5554
expires
Thu, 05 Jan 2023 15:25:23 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CC55 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7849cb5f08002ba0-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame CC55 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.186.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-186-27.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.38
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame CC55
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3480789843
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
via
1.1 google
last-modified
Thu, 05 Jan 2023 05:25:37 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
date
Thu, 05 Jan 2023 05:25:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjQ0MkU1QUItRUYwQS00QUE0LUFCN0EtNUIxQ0M2MzlGMTM3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWZPpqKj1taiD9krQPekQw&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWZPpqKj1taiD9krQPekQw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGWZPpqKj1taiD9krQPekQw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CC55 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 04 Jan 2023 05:25:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2649236990834704171
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2649236990834704171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=2649236990834704171
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame CC55 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5401767b-13d8-4e7b-a46f-fa5088bc1436&bsw_param=90db56a6-966e-4c7e-8558-261dbdeed50b&expires=10
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=90db56a6-966e-4c7e-8558-261dbdeed50b&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CC55 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:8218:ef5f:5750:723c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bYghdadE2uWgHw5ntgHV5pRsjQGn6XU-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bYghdadE2uWgHw5ntgHV5pRsjQGn6XU-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-bYghdadE2uWgHw5ntgHV5pRsjQGn6XU-~A&gdpr=0&gdpr_consent=
date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame CC55 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CC55 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8734336780255461372&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8734336780255461372&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8734336780255461372&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f6d9d697-0d1d-4dd5-915b-e5151dd3a37f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f6d9d697-0d1d-4dd5-915b-e5151dd3a37f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:f6d9d697-0d1d-4dd5-915b-e5151dd3a37f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 05 Jan 2023 05:25:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame CC55
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=676450427082335072
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=676450427082335072
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 05 Jan 2023 05:25:37 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8b55309a-92d3-42cf-a9a0-ccc8d8c248ef
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=676450427082335072
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
px.ads.linkedin.com/ Frame BB60
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINA8VO-G-2REF&gdpr=0
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINA8VO-G-2REF&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:37 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 221EF607292F479CB1AB1BDCFCABAC2C Ref B: FRAEDGE1712 Ref C: 2023-01-05T05:25:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxfYf3Ov/xMurBqM4+bw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCINA8VO-G-2REF&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BB60
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/kx89-_VQuo5HxOwJcgnh-A?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WDZyvYRE2oJAsiYacskscvZw584Tfq0CmabYog--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WDZyvYRE2oJAsiYacskscvZw584Tfq0CmabYog--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 05 Jan 2023 05:25:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-WDZyvYRE2oJAsiYacskscvZw584Tfq0CmabYog--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame BB60 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame BB60
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA5OGNkNDI3MDkwZGYyNWE2NzFiZDJkMzkyNTdjNDY4ODRhNDhkMw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA5OGNkNDI3MDkwZGYyNWE2NzFiZDJkMzkyNTdjNDY4ODRhNDhkMw&gdpr=0
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjA5OGNkNDI3MDkwZGYyNWE2NzFiZDJkMzkyNTdjNDY4ODRhNDhkMw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame BB60
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEYlU09JkMBu7l9v40jNB50&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEYlU09JkMBu7l9v40jNB50&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEYlU09JkMBu7l9v40jNB50&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame BB60
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=TKOq58VKTi2vM_quJc1LPQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TKOq58VKTi2vM_quJc1LPQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TKOq58VKTi2vM_quJc1LPQ&gdpr=0
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QSA1D8P5V4S1GPZW4814
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=TKOq58VKTi2vM_quJc1LPQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame BB60
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkE4Vk8tRy0yUkVG&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkE4Vk8tRy0yUkVG&gdpr=0
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:25:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENJTkE4Vk8tRy0yUkVG&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BB60
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=xduXkeduRmSvamQ8UmcxTQ&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xduXkeduRmSvamQ8UmcxTQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xduXkeduRmSvamQ8UmcxTQ&gdpr=0
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Jan 2023 05:25:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E1PRKDWS25WSZ57WJ4NX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=xduXkeduRmSvamQ8UmcxTQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame CC55 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 05:25:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontentvisibilityautostatechange object| dataLayer object| googletag object| gptAdSlots object| slot728x90MainMid1 object| slot728x90MainMid2 number| userScreenWidth object| slot300x600OtherRightTop object| slot980x120MainTop function| head object| Modernizr object| vpb object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| yii function| headerSearchDV function| bgDVbody function| bgDVbodyMob function| openMenuDV function| closeMenuDV function| changeIconTheme function| SiteDigitalWatch function| noTransition function| fixedNavigation function| siteSearch function| headerSocial function| fixedMobileHeader function| mobMenuPosition function| mobileMenu function| tvMenu function| socialSharedPanel function| footerMenu function| sidebarTabs function| newsfeedTabs function| relatedTabs function| programVideoPopup function| isScrolledIntoView function| longreadImg function| leadersImg function| archiveCalendar function| LazyScripts boolean| isOperaMini object| webpackChunkpublisher_sdk function| Shareaholic object| gravitecWebpackJsonp number| _subscriptionStrategy function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| vmpbjsChunk object| vmpbjs object| googleToken object| googleIMState function| processGoogleToken object| gaplugins object| gaGlobal number| google_unique_id object| GravitecConfig object| Gravitec object| WLPush string| grvTatooineHost object| GravitecNetNewsConfig object| GravitecNews object| gaData boolean| publisherConfigLoaded function| __shrTracker object| GoogleGcLKhOms object| google_image_requests

97 Cookies

Domain/Path Name / Value
www.5.ua/ Name: _csrf-frontend
Value: 1739fe27c134d6454766fff22496d8a1b08d2f869d3d0e6eb300ade0dcf7600ea%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22S5kqh0kGeE_CBObqI8ldw56QLuRrUB2G%22%3B%7D
www.5.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.5.ua/ Name: _pubcid
Value: 709927c9-98d9-4834-afc9-250fc7ab73ed
.5.ua/ Name: _ga_VM275ZDL21
Value: GS1.1.1672896334.1.0.1672896334.60.0.0
www.5.ua/ Name: GN_USER_ID_KEY
Value: 8c1bc5bb-5e8e-4ccc-be80-5dc2db2e6fe2
www.5.ua/ Name: GN_SESSION_ID_KEY
Value: 343f5b22-1f07-44d8-8f34-29e103ef937d
pbjs.e-planning.net/ Name: CT
Value: 1
.openx.net/ Name: i
Value: 709927c9-98d9-4834-afc9-250fc7ab73ed|1672896334
a4p.adpartner.pro/ Name: apuid
Value: de3ab0e8-9db0-40ba-a546-c21297bb2987
.rubiconproject.com/ Name: khaos
Value: LCINA8VO-G-2REF
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrs2wypWTYI1C+IXqvPVzt4X6LBWwGzep1dQcjwJyI732nr0ci0Px+4bF6aheQ9KozgcRgjl6EitdZeyV7KzLVX3OlDu/ORdD8=
.admanmedia.com/ Name: admtr
Value: 36be522c-2e72-492a-bd07-772ee3080e08
.admanmedia.com/ Name: ac_r
Value: CS160
.5.ua/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.5.ua/ Name: _ga
Value: GA1.2.979059416.1672896334
.5.ua/ Name: _gid
Value: GA1.2.229666254.1672896335
.5.ua/ Name: _dc_gtm_UA-43467952-1
Value: 1
.5.ua/ Name: __cf_bm
Value: z7b7ix5JTLWYUgo54qNYAR_NFr0QhPZT_FWZpKDsXsY-1672896334-0-Ac65oQ1Zqzsyee7np+tVR0F++nfy9VcNH0CFNYjWGIJW9Gh7LDnuA1sNmcXkK6CfoMdx6X4zwKoLVnQrmy6jccRmnPv0kY7nVZ1KnApqgamPaHF3fGnm2bfacSs8AFFukANqosPVDhMeQJoX3drSnGePDzGUTPZk/CG5QgFEPWCWUm07wmZpWUL/KpjoIQSUgw==
.5.ua/ Name: __gads
Value: ID=cc62797b3d7f5a32:T=1672896334:S=ALNI_MZWsOaex32vUsWzkZIa6PV-Qktc_Q
.5.ua/ Name: __gpi
Value: UID=00000b9d5b2e3c72:T=1672896334:RT=1672896334:S=ALNI_MY5kMVox4uFqYXwo1g9S2CjkhY4xA
.adtelligent.com/ Name: vmuid
Value: 8f7ec04b63efbacc
.adtelligent.com/ Name: a307558
Value: de3ab0e8-9db0-40ba-a546-c21297bb2987
.adtelligent.com/ Name: a737612
Value: 36be522c-2e72-492a-bd07-772ee3080e08
.adnxs.com/ Name: uuid2
Value: 676450427082335072
.casalemedia.com/ Name: CMID
Value: Y7ZfTxeSYUWkX5XdL8vMqgAA
.casalemedia.com/ Name: CMPS
Value: 1192
.casalemedia.com/ Name: CMPRO
Value: 1192
.doubleclick.net/ Name: DSID
Value: NO_DATA
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29072291_4307561_354472651_170181287_PO2003A20230101&ref=29072291_4307561_354472651_170181287_PO2003A20230101
.doubleclick.net/ Name: IDE
Value: AHWqTUkukNCfneQxLMFUUpwTER3cZSKGNL42ub-CX8Pb5f-QnYYeOIcKv8urdeFOvhg
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C')s$#t)!]taP8i_iqf!oN/@E'zz<*Z0Qc_?b.Bmtyh4BZpp2D/Z[9LC'`cn^/<vjoaoTD._*PlZ[C[-kX-@q$V:
.blismedia.com/ Name: b
Value: 63B65F50AA433EBF17AAB8C1BLIS
.yahoo.com/ Name: A3
Value: d=AQABBFBftmMCEPJjbLuSdSbH09DSNU0vfL4FEgEBAQGwt2PAYwAAAAAA_eMAAA&S=AQAAAgeFEVKpbri986mNnHTN6iQ
.adfarm1.adition.com/ Name: UserID1
Value: 7185035052727859341
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3544cd3f-0e79-417d-acf9-c80289f78611-003%22%7D
.openx.net/ Name: pd
Value: v2|1672896337|gekin0vNiygu
.quantserve.com/ Name: mc
Value: 63b65f51-a6d27-ecec8-726b7
.mathtag.com/ Name: uuid
Value: deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156813:2
.pubmatic.com/ Name: DPSync3
Value: 1674086400%3A245_241_201_227
.pubmatic.com/ Name: SyncRTB3
Value: 1674086400%3A13_56_3_8_251_99_220_54_71_243_81_234_238_204_88_55_166_22_176_21_7_161_233_165%7C1674172800%3A35%7C1673740800%3A63%7C1673481600%3A2_15_223%7C1675468800%3A203
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EIMBEQH9J_ijCJiTAA
.5.ua/ Name: cto_bundle
Value: mzwbYF9Yc3R0YU9HVlZwWHdFUXVzZW8xNGRyR1VlOTQlMkJKYWxmVTk4UUwzRTRvc0FZQ2hEZnFZYkVsaCUyQnc2dm5iUXlvN1BCVEJWRUtRalhnQVYlMkJSMFB0aUNmak1qSmZjV1F6VjFvSTZDWW9UVlJVZyUzRA
.5.ua/ Name: cto_bidid
Value: 2UTLm18yRjRaMENxcE9FJTJCajhDaXFuWFlRJTJCdEUzNTdFd2Fkejg1Q0ozbFVVc0xSNXE3b0E0d21aVTFmT1hBQSUyQnBzNFRyVlVwSEE5anJpYkE0VmklMkZ1YkJSVHpRJTNEJTNE
.simpli.fi/ Name: suid
Value: 69A763CCB8604B279E917CA766E1B8D1
.adform.net/ Name: uid
Value: 2649236990834704171
.zeotap.com/ Name: zc
Value: 5965196a-b5c3-4d34-75d0-69c5c034b7ad
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3544cd3f-0e79-417d-acf9-c80289f78611-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~298t
.bidswitch.net/ Name: tuuid
Value: 90db56a6-966e-4c7e-8558-261dbdeed50b
.bidswitch.net/ Name: c
Value: 1672896337
.bidswitch.net/ Name: tuuid_lu
Value: 1672896337
.weborama.fr/ Name: AFFICHE_W
Value: dJWviYB2XDV078
ads.playground.xyz/ Name: connect.sid
Value: s%3AIzg1JG9NRLh9rXJpbpFE9kn3g8QbGdlB.Nfx41P2JDznaSyoDyLLEEsG%2BaociaA8OgWK1M9TeRDc
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2&KRTB&19420-sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2&KRTB&22979-sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2&KRTB&23403-sMbqdbOTvXKrlL4ntMKlJuWQ63urwrp15MJ89_q2
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGWZPpqKj1taiD9krQPekQw&KRTB&16514-CAESEGWZPpqKj1taiD9krQPekQw&KRTB&23025-CAESEGWZPpqKj1taiD9krQPekQw&KRTB&23386-CAESEGWZPpqKj1taiD9krQPekQw
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&KRTB&16736-uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&KRTB&23019-uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e&KRTB&23114-uid:deb163b6-5f51-4e00-b9ab-d7aed77c1b1e
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-676450427082335072&KRTB&23339-676450427082335072
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2649236990834704171&KRTB&23263-2649236990834704171
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7185035052727859341&KRTB&23278-7185035052727859341&KRTB&23369-7185035052727859341
.turn.com/ Name: uid
Value: 8734336780255461372
.adsby.bidtheatre.com/ Name: __kuid
Value: f6d9d697-0d1d-4dd5-915b-e5151dd3a37f.442110337
.de17a.com/ Name: guid
Value: 1.5629904225184182919
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8734336780255461372&KRTB&23150-8734336780255461372
.csync.loopme.me/ Name: viewer_token
Value: 096fc647-c133-4b02-9e47-5f6f41513845
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_5401767b-13d8-4e7b-a46f-fa5088bc1436
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5629904225184182919
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y7ZfUQAAAUuWewAZ
.company-target.com/ Name: tuuid
Value: 11dfedce-d9e0-4350-95cb-a9adabc07ab4
.company-target.com/ Name: tuuid_lu
Value: 1672896337
.onaudience.com/ Name: cookie
Value: 59a21eaa47ad8d5c
.onaudience.com/ Name: done_redirects104
Value: 1
.casalemedia.com/ Name: CMTS
Value: 1153
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-90db56a6-966e-4c7e-8558-261dbdeed50b
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y7ZfUQAAAUuWewAZ&KRTB&22978-Y7ZfUQAAAUuWewAZ&KRTB&23194-Y7ZfUQAAAUuWewAZ&KRTB&23209-Y7ZfUQAAAUuWewAZ
.bidr.io/ Name: bito
Value: AAAvlU7HbL8AACFwRP-96A
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3effd5db-993b-4834-8144-ef62c06a6418"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzI4OTYzMzc7MjswMjEYxz8Q9Tgr67rf9R/CO8aZJbUmlaa51tsUNTUU5EVFVg==
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2807:u=1:x=1:i=1672896337:t=1672982737:v=2:sig=AQEXSgnyIWqjwfV3FTpi8VgJTKoknc4A"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: pid
Value: 6321717678548239805
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAAvlU7HbL8AACFwRP-96A
.tribalfusion.com/ Name: ANON_ID
Value: a3nsIHM0inh9PBmSUT9J87rZdZbFx00diAL8WGfZdhH8GJr3X5Oi4RM3Me9ouJKWxt92S6oQ8Ma6EKFuA8TvqZbQFvsr
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bae168d4-7471-450b-6cb2-79ecfe98894a.bxqsCLk5Bnn3CkOJ1k1YLx5gCOFZZFNMHbYqsqZSSUA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AuuFo1HRxRQtssnns_piJSrKi0YY.aZ0UlpLqIzh%2BaZA6vdOCi53zj2551uRgcifKX0rMWLw
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-uuFo1HRxRQtssnns_piJSrKi0YY&KRTB&23334-uuFo1HRxRQtssnns_piJSrKi0YY&KRTB&23417-uuFo1HRxRQtssnns_piJSrKi0YY&KRTB&23426-uuFo1HRxRQtssnns_piJSrKi0YY
.amazon-adsystem.com/ Name: ad-id
Value: A3BrvgOUB0LGvPao43kOaJ4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 701b3c0948ce20ae
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAvlU7HbL8AACFwRP-96A
.pubmatic.com/ Name: PugT
Value: 1672896337
.pubmatic.com/ Name: SPugT
Value: 1672896338

4 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2442E5AB-EF0A-4AA4-AB7A-5B1CC639F137&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=59a21eaa47ad8d5c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DuroLIz3lVRgXbnggWTgQSQVj
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
analytics.shareaholic.com
ap.lijit.com
api.gravitec.media
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
casale-match.dotomi.com
cdn.gravitec.media
cdn.gravitec.net
cdn.indexww.com
cdn.shareaholic.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
f12af341ed1c2fb6f9504bd737489cb7.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
m9m6e2w5.stackpathcdn.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.shareaholic.com
pbjs.e-planning.net
piguiqproxy.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.5.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.shareaholic.net
x.bidswitch.net
104.18.3.230
104.18.33.19
104.96.145.246
107.20.147.136
141.94.170.64
141.94.240.141
151.101.2.49
151.139.128.10
162.19.138.118
162.19.138.83
172.217.18.2
172.217.20.2
172.64.151.162
172.64.154.237
178.250.0.157
178.250.2.151
178.62.202.251
18.156.0.31
185.172.90.252
185.184.8.90
185.187.81.35
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.80.39.216
185.86.137.131
185.86.139.104
195.5.165.20
198.148.27.139
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
216.52.2.19
23.203.124.192
2602:803:c003:200::21
2606:4700:10::6816:1957
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a00:1450:400d:803::2002
2a00:1450:400d:804::200e
2a00:1450:400d:806::2004
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::200e
2a00:1450:400d:80e::2006
2a00:1450:400d:80e::200a
2a02:2638:1::13
2a02:fa8:8806:13::1400
2a05:d018:d29:3601:8218:ef5f:5750:723c
2a06:98c1:3120::c
2a0c:5c81:5142::2
3.33.220.150
3.74.124.115
34.102.253.54
34.111.129.221
34.111.131.239
34.206.246.212
34.96.105.8
34.96.71.22
34.98.64.218
35.204.74.118
35.214.184.209
35.214.223.115
35.244.159.8
37.157.6.245
37.252.171.84
45.133.44.3
45.133.44.4
5.161.47.120
52.29.237.148
52.46.130.91
52.50.17.128
54.194.186.27
54.197.98.98
54.239.33.159
54.243.58.43
54.38.197.123
62.149.1.122
64.202.112.255
69.173.144.138
72.251.245.179
80.77.87.163
82.113.101.132
85.114.159.93
98.98.134.242
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
050fa488a73b6cbccb02d8cbc451e7b71221051eff18afff724d34de8d5a2a12
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
06da7a9bf76208766387ec9e2d7290f00ed980713a9261f3899c4db83e9f9be6
073b41d117e725870f33ec4a4f111e1744d17ad9a81c33d98c4c5b1e9469d51e
0aeba134812f118f4faed4e893ae9a2e26ce39b0befc3f0d40165f1c080637fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f9b321deb4c667aef814da62bb131c7b8d60c668f80014f104906269127059e
111b1b4e4cb34f9149ce09516b6f7b5b9a0299ae59cf38d3d2d32ee8e1f2c563
112166bf87184943fc6a4d627efac5445f02670cd4ecf55587f5d67b78986342
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131ec436a287e237bb5f6394e7069c8700869c1bfa302789017b0d12ff0df617
143dfac0ab8a97ba08efffe750ce2967c8a4662fe4e1a497cf4bbf49ecf92410
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
17c1a8a89f2e7c6c3afdbb378254aa8609d205357ae22c52a355171b9c26a510
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
186fb6f7edbbeda01728ada4652cda14a27340275e0b478485f007d1648cd774
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24ebcc81894ac925466007b90ac5f7e8455e221d701cec6663ac3bf4e335e1c3
24fdf16b50a43befe14b6cdb650d8be2f4a0d1a56634c3c25044277a2638d9f1
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
265423ee2cfae8dbb614d9da1c708ad19b84885d58007d291dfa75db03f4e4d6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2765672186e96fa40ca0c734359f4d21ee0de897f2b9d161f5a29ec45563f83b
2c5fcc334de21d86975c87945341b213308b4ab023c898e30cc4e1610367a832
2d7cb04e2796f3071c7ec572bc008d069be429f4c7b3ad9f65eeab1743aac8e6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e793a6d654e64f50d1ee4c5313dd41956781384df5cec39aab09648db4a6766
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f658571a386b04969a3391d09113ba296ea2dcd85fd892eacfecca25235cfb7
30ef096d2b66273cca0587deaf779cad9dc118678116385a138ad61eeb9e61a4
315cfa74466bcb732d41c03d00e28ab20975ad21d1c64beb59bf9bfcadaadb38
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321611c9a360cfd089537b361f404dbeda4ef6529739ea026685e549161728a9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38f4f2711cd9cfe232637e03be9299e9971057044f20c67761561e6b9e61ad8c
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
3af936a2c1852a8798115fe517a17b22c6226ebc964babbd5ce0ba8e81a50033
3e92189e138b505b27d2f607e14bf62ef2eed575df15f6bbea9fbd8c7bbdb29d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400402bde3a40d6fc90821288a5ade2ff1b71c4665d2f13371127c9bdfd2818c
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
44d66ad84a3b4091bf03fd3b3a4ab65c347a999579009153560a09fc448ddcb4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b2ce30a0fd9179d017e46492fd0603c2842109afdbbf1faf868630d4d9cf40a
4b2d8d487376553bd276e2d91652ea0a76c01fbc86f383d30656e38d40d042cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50adb0800ba9174f82c095739bbafc775783b74a40922072b226c076c9120a6e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56571bc434c5547c702d1121f7817d5600d8077820413fbc9f6bc0dd91119c29
5a7556b722d45b51a9e8bc1262092f9c042e4759d7b3a97298fecc947639c35c
5ffa92497c29eb27ebe546d02784914a5bc7b64bf60f9e0b55ca80ab98d444bd
6016402b22007239e8540542e89bd8b6ada2d113bf70c7c4aa621c16e0bc370c
6172f3cad225741f89effdf290b37f5d5924d57038ce8ab502a90f703e202a0e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
6667079de105057ab1cc4e4f7f6610dce15d9d633ed143183f4a207fc4e622aa
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
689ab059779021fa4594ebe3ba0c98fb953bf0d8b54db88e4543573d07fa2852
69482f1320aa5e917d1a6e2762e03bfa8ea305d89f3cdc789f09e265d478cbc7
69e13fd454e6c071720861183e532b67561144df7bb0e28e59739ec051c4b950
6a36debcfaefa0268cdb972291fe5f2055f0737cb6e75a1bbb328a9a306b8f8c
6b00ccf044aae1bb4be339db8dadd43c62128bbf075000fc201ca6831db4f2e8
6ca59279f8617fed8657cb239dcbd0f9a3992c2bcc301c9529177a1f760300ce
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e263a0eaa2a7e08db2faae2b2cc983a5cde7c335582abb9262c9e5631401796
71ddd4b3a6c15a6b8a30ddc48f5653ba474c2d10c0b9b26bfd35bbc0a0971d6e
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73b01784b2f43b799631f85f365e988c629911192ba4f5f51c0fffce7198305e
74234027b67e5fa479110dd5eaa985d791ce841cc9cb6140d8a18574d84d641f
746ed51281e3a8b8300f2a6223ca14662cc9fc4d401e467d154c3d6c56aba0dc
74ad7b4a00b914bdcfc27faefbe0f281a40966d1a152f618fdc776c32a8fcfa4
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
76daad608660fc47060ac42479b0413c3d211544ad4d77573e6cbf5f3a16fb5c
78205c63df7657008d76a98e2b7fa2dce63822da72e3228c97e7633ea82c012a
7d0bd335baa0f49740ae7952289045cac345a20972dc7a9ffe0790f8dad519c4
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
82ceb1d94c4150a7f38a30bf1185d82b08462fd3e9a57adfa41d853011151509
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
89237a505eef6e45ad15d518cee96261a72d9e9ceec809f93a834cae6e977352
899bf6a636758055e310b16c4106a15fcf50f266faaec949563b9337528170ba
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fafbf8e0a0e16aa6d3581c7c637441bcbaa6dec85b98b21ea002649ba2bc66a
90672e112681941e0ef68a399b0877553bf02bf6b16d4d15ca1e957a8bb61990
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
95b9c3cc697ea943f88df78f92936ce500e82cb34bda409aaa02e0771cc4a2f3
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9933b17f62ddedcdaadf32e641bf0fdd86fdf822cc055a25c946e4f12b1b9e62
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b072279843fea14eb7546c14e7eb9aec06120e73403b540d1e7c7b437e28701
9cab79c5160c0c4ef4aea5ee18956bb3626421e6f46da6f9a7d600de6df55d17
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
9f04d551197e3b098a8216b0a0104037f2a8bc8b4f71bd41181bcd13438bebe2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a22bd8cc9accbe07dd66307949c5afddc184418466293db5b50eb810b721dbd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a641707e7fd5f9d5b4f2ecccf2047ba269ba2e5e6b1f0409b8e8705658f7851b
a6ea93782788a35fff8c878d709489ca2c06ec6534cf6b4f211cdc747d49f503
a7e5cd0998c4a06587d6f3a0f3941380d0c9f7eec7756dd747b36f5f301a4800
a9bed3de8b4f55f925c2cead7b90ed8c50ee72259f9d1ce50aa466ba33ae459a
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
b0bf270709dbc0062ea29408210510b2aeefc8793434c43b4915986555c44ebf
b0c36c4d23c4977b110f998806928dd944fea7594bb7b9b6abfc4a617a8f4c54
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24329635f92e0ee4e7588705ad1b33d21c3b38426a096e364fe509a171233ce
b2f752697bd33df4852991705c94be3069fc954847004ca0b75e514ed597ad44
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b47640444bf21fc22987897586f6713c2ed97cf5a83d84ebb74cb9c258029532
b4cc11fbb619afaaa8456ec44c80212912a7df2bb0cac1fabec428adc1183acd
b5020f40820787eb99460bce11732b0120527e85b418fba50ab4c2711c308bc4
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
b7199cf7ceabf89db36696a2ac103d5cf4d63d4a24f704d5d76df4d90fb572b8
b9dc4ba428b568043191bc4d1f91daf62168239c8df7c504ff04601373ceb804
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
bb6ea2f92c9e4e38cf818da0d51c84f755200d0e9a8b24f73bde687022ecdd42
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
bba340f6477b7ec64be147cd5ef2675a36457ab1dd5f311c23ff03221630c4be
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
c06dcc1b1e303980cf289c2f1206ab4b65031a79e03692b0c44ca77c7bf57a0e
c18a848129cb682032ebdf02af50611e2835901de279b4ddfc014a4675364ee2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c29d4c97aaf677a43fe03dc371af930afc137361c3544f736572f5a3aa6a7258
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
c83b2b22008593dcf7dfb48d3b88d909d931caf4089210c8e6fa300d02335d84
ca20712fc836ba9d51cb7bc766b1095867f2ebd221e050d8aa79990ff7016444
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
ccdd2462a7e6a563c2ae76814d1c56da9d09bef58adf311992c24ce3001e72c9
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
cded380ddc97c0b532c85a446c1e30b353ee795ebea0ee20f5e0e5000a1deaeb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33308beb7c8a200679b613f9f773051ce2d2caa68682e77b9eeef0a108a2e3b
d4a9b1d80adb489b4beecb166d05e2360d7dfbd388378c76d0dffb90a80424dd
d568f192c576f136afeeb596dce1070cfd9bea7dcb1ea7b591da7ba4ff6b127f
d63e87aa5195c9ece2769af4893b4c07ffc3e59e3f507cd12c664a2c25e9c4bb
d775064382a0799231e565c5458e520889294157a736796c9cd6b675c438178a
d891a3caf07774ba2732761542748e5b125ea5037e0f72d4f8f64ac6cedd161f
d9999ad411c3c768c1fcd883503f22c594b0be2543b2aeb41e127a274d7c0b23
dab2f72a59de68c07f538afbc78df921e84bf411109eb74b11cbc20e73a624a9
db6552e1481f39b0457e0abce995fb10a21e98d2196a60f282af71a55245bfc0
db8272e285df5c20fa15d48830d6b4bd2feaca2afadc6346e5a9d1731d3fa81b
dbfef9828432f23d937b18571a46cf55421c265fdb9026c6ae613707f4e80fa5
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
ddcc0abda63c13f38ac75f4aebcc867e7f1e414bdf176822c4f0e997692c2f4b
df6de3ab01c4d07599989eee18a197850eeace64c15a5885223585694aeb5bbf
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
e13061977991d82074e14df47e7e097a61c095489c269ae31459aad3e2eeeaa7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e591e5f7a56782eb579c38cb1d32f64a51434ee62980a9affb98ef15d9757d98
e5922df74735bc045193684cf1d9b75c54bfd91368e17cc8b4f70c03c8a1b83d
e75bab5747f9a43185b53089d94e6c8dac49101ba8990dbd0e63e0a2397e2f2c
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
eb6a1ca26492b388e1be34b834404064c04a6e68c9794d83cfc8b02644d07f85
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
edede87b870ca9676a30d8ae41df04b9ec8f9dba1eca78ef4fbd4631dfb9caf1
ee267162b8ba3dfbfbca2551474dc87b93a2b921324e00012e9e2d60e959d370
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2ae1c1855c373ca71a101e03de3e7b7581d7c3174c86b82abdd1c07030a6e22
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b62d40921fb76a6a407047dc6438929bb1ef88ce5f6df1195eae119f0385a1
f7444309426996a119112cf7707e45a9d8852a70f814719567e91875271f731d
fa3e13d5cf0d96d1c3bc025a7fe3fb978148ba9b8d61c0752db3360d6665448f
fc6a0e36b0064bb755efe9ee17c92d30eb3ed675174cffeddaa3638916d40d1b
fd6c10fd5af6247edf94b7284d28090205bd3080bb704e873904a07681609738
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffa5d5f02b8706cbf6af9dcd33406dec9ee9006f57ad03912e10bec1d57db747
ffafd090b30d762b825f65e5b3b03fe2255c51ce75276102a663ca09c78fcc9f